cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
268
Views
1
Helpful
2
Replies

Vpn for 60 sites

Meduober
Level 1
Level 1

Our network of 60 remote sites linked to the central office is based on a leased VPN link provided by a telecom operator.

The solution is very costly compared with the bandwidth, which is no more than 0.5 Mb in most sites. we'd like to set up our own Vpn network using Cisco equipment. what do you recommend?

I insist on the traffic security part

Thank you

2 Replies 2

@Meduober that depends on your budget and the hardware, a more advanced solution would be SDWAN, but that might be more expensive and add complexity. DMVPN or FlexVPN are an adequate solution and is supported on Cisco IOS-XE routers.

https://www.cisco.com/c/en/us/support/security/flexvpn/products-configuration-examples-list.html

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_dmvpn/configuration/xe-17/sec-conn-dmvpn-xe-17-book/sec-conn-dmvpn-dmvpn.html

Both DMVPN and FlexVPN are route based VPNs, which creates a hub and spoke topology (and spoke-to-spoke if required). The routing protocol (OSPF, BGP, EIGRP or IKEv2 routing if using FlexVPN) controls which traffic is encrypted and routed over the VPN tunnel.

Or alternatively use a Firewall such as the FPR1010 running FTD or ASA software, which can be managed centrally (FMC/CDO), both solutions support Dynamic/Static VTI.

 

 

many solution here, 
DMVPN -> this need router FW not support GRE, 60 sites 0.5 Mb for each you need ISR4431 or ISR4451
lklklklklkl.png

FlexVPN (IKEv2) <- this support by both router and Firepower FW of cisco 

 

 SD-WAN  <- for hub-spoke this need from you change all site router to IOS XE SD-WAN or vEdge, so it to cost. 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: