NSE8 – Blog 12 – Mostly SSL to IPsec VPN Migrations

I’m slowly starting to lose track of the weeks here, but that’s not a problem. This past week has seen a lot of lab time. Between starting ADVPN for the first time and getting to SSL VPN migration scenarios, I don’t see it ending any time soon. I have the schedule mapped out for anywhere from 4-6 weeks on IPsec VPNs (including ADVPN, migrations, a little ZTNA) and this block is a bit different from routing in that everything really falls under IPsec. Therefore it’s all one document that I’m taking deep notes in and we’re almost up to 60 pages. I think I like this structure a little better because I know exactly how to spend my time – as long as it’s something IPsec related it’s time well spent.

Something fun I’m starting to run into is the need to expand the Azure lab. I mentioned last week I began setting up a domain controller. So far this week I’ve built a working RADIUS connection for SSL VPN (and IPsec) and am on the cusp of a working LDAP configuration – although I have a feeling it’s going to be LDAPS by the time I get it working. I really did think it was going to be another 2 months before I’d be breaking into authentication in the lab, but once the DC was stood up I didn’t see any reason not to dive in.

Between those last two points I want to emphasize my focus for the next week – SSL VPN to IPsec VPN migrations, as I call them. For some reason I have a feeling there will undoubtedly be one of these exact scenarios on the exam. Therefore I’m labbing out every permutation I can think of:

  • local authentication + split DNS + full tunnel + custom TCP port
  • LDAP authentication + split tunnel + DNS suffix
  • RADIUS authentication + split DNS + split tunnel + custom port

It’s a fun little challenge that’s keeping me focused and covers multiple topics at once. I’ll leave it at that, thanks for reading.
