May 18, 2012

Are You Working On Your CCNA?

I made a pact with myself a while back that I would not do CCNA Prep Sessions. Why? Well, basically because I have so many things on my plate. I am developing a Cisco course, developing a Cisco Press product, regularly posting tutorials on the blog and so on. I get totally swamped. But in the last three weeks I’ve had numerous requests for assistance getting started with the CCNA. So, since I’ve had so many requests, I’m putting on 4 live sessions to kickstart CCNA studies for people that are interested.

The cost of the session is $47.00 USD and by having 4 sessions it should accommodate most people’s schedules. You can visit the sales page or simply enroll below.

 

 

 

IKEv1 Aggressive Mode vs. IKEv1 Main Mode

The question often comes up regarding the differences between IKE aggressive mode and IKE main mode. The answer is pretty simple. In this post we break down IKEv1 aggressive mode and main mode differences and provide a recommendation based on using the more scalable and more secure solution.

The Breakdown

Aggressive mode requires two exchanges totaling three messages, whereas Main mode requires three exchanges totaling six messages. If you’re wondering what the difference is, or why you would even care, it all boils down to the level of security you desire. While the two offer the same services, it’s Main mode that protects the identity of the communicating parties. Aggressive mode does not provide that protection: the peers have to exchange identifying information prior to establishing a secure SA.
In the end, Main mode is slower because of the lengthier exchange. But alas, it is more secure.
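The difference is visible on the wire. The following is an added example, not code from the original post: a small parser for the ISAKMP header and payload chain (layout per RFC 2408 and RFC 2407) that reports the exchange type and any ID payload sent before encryption starts. The function names, the sample hostname and both sample messages are constructed for illustration.

```python
import struct

# Values from RFC 2408 (ISAKMP) and RFC 2407 (IPsec DOI)
EXCHANGE = {2: "main", 4: "aggressive"}
ID_PAYLOAD = 5
ENCRYPTED = 0x01  # header flag: everything after the header is ciphertext

def inspect(msg: bytes) -> dict:
    """Parse one IKEv1 message; report mode and any identity sent in clear."""
    if len(msg) < 28:
        raise ValueError("shorter than the 28-byte ISAKMP header")
    next_payload, version, xchg, flags, _mid, length = struct.unpack("!BBBBII", msg[16:28])
    if version >> 4 != 1:
        raise ValueError("not IKEv1")
    result = {"mode": EXCHANGE.get(xchg, f"other({xchg})"),
              "encrypted": bool(flags & ENCRYPTED), "cleartext_id": None}
    if result["encrypted"]:
        return result  # payload chain is not readable, nothing to walk
    off, end = 28, min(length, len(msg))
    while next_payload and off + 4 <= end:
        following, _rsvd, plen = struct.unpack("!BBH", msg[off:off + 4])
        if plen < 4 or off + plen > end:
            raise ValueError("bad payload length")
        if next_payload == ID_PAYLOAD and plen >= 8:
            # ID body: type(1) protocol(1) port(2), then identification data
            result["cleartext_id"] = msg[off + 8:off + plen]
        next_payload, off = following, off + plen
    return result

def _payload(next_type: int, body: bytes) -> bytes:
    return struct.pack("!BBH", next_type, 0, 4 + len(body)) + body

def _message(xchg: int, flags: int, first: int, payloads: list) -> bytes:
    body = b"".join(payloads)
    hdr = b"\x11" * 8 + b"\x00" * 8 + struct.pack(
        "!BBBBII", first, 0x10, xchg, flags, 0, 28 + len(body))
    return hdr + body

# Constructed samples, not captured traffic (SA/KE/nonce bodies are zeroed)
AGGRESSIVE_MSG1 = _message(4, 0, 1, [
    _payload(4, b"\x00" * 8),    # SA, followed by KE
    _payload(10, b"\x00" * 8),   # KE, followed by nonce
    _payload(5, b"\x00" * 8),    # nonce, followed by ID
    _payload(0, b"\x02\x11\x01\xf4" + b"branch1.example.test"),  # ID_FQDN
])
MAIN_MSG5 = _message(2, ENCRYPTED, 5, [b"\x8f" * 32])  # ID + HASH, encrypted

if __name__ == "__main__":
    for name, m in (("aggressive msg 1", AGGRESSIVE_MSG1), ("main msg 5", MAIN_MSG5)):
        print(name, inspect(m))
```

Run against UDP/500 payloads from a capture, the same check shows whether any peer is still negotiating aggressive mode and which identities are visible to an observer.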

What Should I Do?

You may wish to disable IKEv1 aggressive mode. If you do, there is something else to consider: if you are using a Cisco IPsec VPN Client, you will no longer be able to authenticate using pre-shared keys. So, if you don’t mind using digital certificates, then go for it.

To disable IKEv1 aggressive mode you will need to type the following:

crypto ikev1 am-disable

Cisco Learning Labs Quick Look

This video is a quick look at the Cisco Learning Labs recently released by Cisco.