06-21-2008 11:26 PM - edited 03-09-2019 08:56 PM
Hi
If I configure HO router as a DVPN then all branches connected HO is also auto configure VPN ?. its work like DHCP
06-22-2008 03:21 AM
The HUB (HO) router has static(known) ip, while the spokes(branch) router may have dynamic(unknown) IP.
06-22-2008 07:48 PM
DMVPN combine gre tunnels with IPSEC protiction actully its called mGRE mean multipoint gre, this kind of vpn considred very scaleable because u need to make only one tunnel interface at the HUB side and also one tunnle interface at the spoke side then all other tunnles will be automatic and the communications between spokes will be for first packet spoke > HUB > spoke then all the subsequent packets will be SPOKE > SPOKE directly
in addition u dont need a static public IP address for each device only one IP requered for the HUB router
easy,manageable and very scaleable
rate if useful
thank you
06-22-2008 10:35 PM
Hi
Thanks to clear me.
Biplob
06-22-2008 10:36 PM
Hello
DMVPM is the combination of multiple technologies (IPSEC,MGRE, Dynaminc IGP routing and NHRP).
IPSEC = provides regular encryption/authenticaiton/integrity etc.
MGRE = The 'GRE' allows multicast/non-IP protocols to go over IPSEC VPN, otherwise its not possible. MGRE allows you to use 'one' tunnel interface to connect multiple VPN peers thereby increasing management and scalability. It differentiates different flows by the help of a tunnel key.
NHRP = Allows the HUB to learn the addresses of the spoke automatically easing management. It also allows the spokes to learn the current Public/Dynamic IPs of other spokes to form direct 'spoke-2-spoke' tunnels to increase scalability.
IGP Routing: Allows the VPN sites to learn about the VPN subnets of each site.
New spoke/branch sites need no change at hub site. Only at the spokes (so it is not pure 'auto configure' as you describe).
Please rate helpful posts.
Regards
Farrukh
06-23-2008 11:39 AM
Is it possible to have a Hub-Spoke setup using DMVPN where some of the spokes act as hubs for other spokes?
I'm trying to create a three level network where the center of it all is the corporate office. The corporate office is the Hub for the main branch offices, and the remote branch offices are spokes of the main branch offices.
Thank you for any help that you might be able to provide.
06-23-2008 04:32 PM
it is possible which is called by cisco DMVPN phase 3 ( and recomended) in your case is the hirarchical one(muti-hub). u have to make the HQ office the server and hub for the branches, then the branch offices will be the hubs for the remote offices
good luck
rate if useful
06-24-2008 03:43 AM
I've got HQ setup as a server and hub for the branches. To setup the branches as both a server and hub for the remotes, do I simply use a second Tunnel Interface? And if that's the case, I'm guessing that I would need to use a seperate network-id & tunnel key, but is there anything else that needs to distinguish the second mGRE as seperate?
Thank you for your previous reply. I've rated accordingly. If you're able to help me again, I'd be happy to accomidate.
06-24-2008 03:51 AM
hi there
i am sure the link bellow will help you to achive what you want
then i think you gonna increase your rating :)
the link:
if you have anymore questions send me
thank you and good luck
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide