I just uploaded a new cheat sheet on IPsec. This was one of the most difficult cheat sheets I've produced, simply because there is so much material to cover, from the underlying crypto theory to the real-world configuration. However, I'm pleased with the scope I've settled on, and I hope you will be too. This cheat, like many of the others, is CCNP-level and heavily Cisco oriented.

I should make one note concerning the configuration pictured: in keeping with the Cisco Press ISCW book, the example config does not involve GRE or VTIs, which are probably more commonly deployed in modern scenarios. Even with VTIs, the configuration isn't too different; you basically just lose the crypto ACL in favor of a dynamic routing protocol(s) and terminate the IPsec tunnel on a tunnel interface.

I'd also like to thank Carl Yost of CCIE Journey for his recent plug of PacketLife. Be sure to head over his way once you've snagged the IPsec cheat sheet!