
CCNA 200-301 · Security Fundamentals (15%)

VPN IPsec

# VPN & IPsec Fundamentals

> Exam relevance: VPN and IPsec appear in the Security Fundamentals domain (15% of the exam) as conceptual multiple-choice questions. You won't configure IPsec tunnels in a simulation, but you *will* be tested on terminology, protocol roles, and the differences between VPN types — so understanding the architecture clearly is essential.

---

## What Is a VPN and Why Does It Matter?

A VPN (Virtual Private Network) creates an encrypted, logical tunnel across an untrusted network (typically the public internet), allowing private data to travel securely between endpoints. Think of it as a secure envelope inside an ordinary envelope — the outer envelope carries your data across the internet, but only the intended recipient can open the inner one.

VPNs solve two fundamental problems:

1. Confidentiality — data is encrypted so eavesdroppers can't read it
2. Authentication — both endpoints verify each other's identity before exchanging data

---

## VPN Types: Site-to-Site vs. Remote-Access

| Feature | Site-to-Site VPN | Remote-Access VPN |
|---|---|---|
| Who connects | Two network devices (routers/firewalls) | Individual user devices |
| Typical use | Branch office ↔ HQ | Teleworker ↔ corporate network |
| Always on? | Yes — persistent tunnel | No — user initiates connection |
| Common protocols | IPsec | IPsec or SSL/TLS |
| User awareness | Transparent to users | User must connect (VPN client) |

---

## IPsec: The Core Framework

IPsec (Internet Protocol Security) is a suite of protocols that operates at Layer 3 (Network layer) to authenticate and encrypt IP packets. It is the most common protocol suite used to build site-to-site VPNs on Cisco devices. IPsec is…
