MikroTik: IPSEC VPN Tunnel on MikroTik
Gain insight into the workings of the IPSEC tunneling protocol and learn how to effectively implement it on MikroTik RouterOS.
Description
Internet Protocol Security, commonly known as IPSEC, is a widely used VPN protocol suite in modern networks. It facilitates secure connections between two or more offices over the public internet, offering substantial cost and time savings compared to dedicated leased lines.
However, configuring IPSEC correctly can be challenging, as it is a framework protocol with numerous sub-protocols and phases. In this course, a significant portion will be dedicated to a theoretical exploration, providing detailed insights into the various components of IPSEC. Additionally, I will delve into essential security terms associated with IPSEC, including Encryption, Hashing, Authentication, Diffie-Hellman, Symmetric and Asymmetric keys, and more.
Following the theoretical segment, practical LABS will be conducted. I will demonstrate how to configure IPSEC on MikroTik routers, covering both versions—IKEv1 and IKEv2. This course aims to provide a comprehensive understanding of IPSEC, ensuring you can confidently implement and test the configurations.
These are the key highlights of the course, with more details to be explored in each lesson. I'm eager to welcome you to the course and share this valuable knowledge with you
Who this course is for
- Students who want to learn and understand how IPSEC works and know how to configure it on MikroTik RouterOS
- Engineers who want to apply IPSEC tunneling protocol in their networks
What you'll learn
- Understand what is VPN
- Understand what is IPSEC
- Understand the 4 features of IPSEC
- Understand why IPSEC is a protocol suite
- Understand the Protocols used in the IPSEC features
- Understand IPSEC modes of communications
- Understand IPSEC Transport mode
- Understand IPSEC Tunnel mode
- Understand what is Symmetric key encryption
- Understand what is Asymmetric key encryption
- Understand how DH works to share the secret key in a secure way
- Understand the encryption protocols such as: DES, 3DES, AES, Blowfish, Camellia, RSA & DH
- Understand Data Integrity using Hashing algorithms such as: MD5, SHA1, SHA256, SHA512
- Understand the types of IPSEC authentication: Pre-shared key vs Certificate
- Understand IPSEC Negotiation Protocols: AH vs ESP
- Understand the IPSEC negotiation process
- Understand what is the initiator to start the IPSEC VPN
- Understand IKE Phase 1 (ISAKMP)
- Understand the difference between Main and Aggressive mode on IKE Phase 1
- Understand IKE Phase 2
- Understand what is PFS Group
- Understand the difference between IKEv1 & IKEv2
- Configuring IPSEC site-to-site using IKEv1
- Configuring IPSEC site-to-site using IKEv2
Requirements
- Have a TCP/IP knowledge
- Have an experience with networking
- Ideally have an MTCNA certificate