Hi
I am trying to configure DMVPN but my tunnel ip can't ping each other. I have connected two routers more like a hub and spoke network ut I only have one conneted at this stage for testing purposes.
Please check why my router's cant ping my device, below are my configs:
1st problem
I cant configure the tunnel destination on the hub.
HUB
DUT(config-if)#tunnel destination 172.16.0.1
The tunnel destination can not be configured under the existing mode
crypto isakmp policy 10
encr aes 256
hash md5
authentication pre-share
crypto isakmp key 6 cisco123 address 0.0.0.0 0.0.0.0
!
!
crypto ipsec transform-set dirkstrong esp-3des esp-md5-hmac
crypto ipsec transform-set ESP-AES256-SHA esp-aes 256 esp-sha-hmac
mode transport
!
crypto ipsec profile DMVPN
set transform-set ESP-AES256-SHA
!
crypto ipsec profile strongdirk
set security-association lifetime seconds 120
set transform-set dirkstrong
!
crypto ipsec profile test
!
interface Tunnel0
bandwidth 1000
ip address 172.16.0.2 255.255.0.0
no ip redirects
ip mtu 1400
ip nhrp authentication cisco
ip nhrp map multicast dynamic
ip nhrp map 172.16.0.4 10.0.44.1
ip nhrp network-id 1000
ip nhrp holdtime 360
ip nhrp nhs 172.16.0.4
ip tcp adjust-mss 1360
tunnel source 1.1.1.1
tunnel mode gre multipoint
tunnel key 12345
tunnel protection ipsec profile DMVPN
Spoke
crypto isakmp policy 10
encr aes 256
authentication pre-share
crypto isakmp key cisco123 address 0.0.0.0 0.0.0.0
!
!
crypto ipsec transform-set ESP-AES256-SHA esp-aes 256 esp-sha-hmac
mode transport
!
crypto ipsec profile DMVPN
set transform-set ESP-AES256-SHA
!
interface Tunnel0
bandwidth 1000
ip address 172.16.0.4 255.255.0.0
no ip redirects
ip mtu 1400
ip nhrp authentication cisco
ip nhrp map multicast dynamic
ip nhrp network-id 1000
ip nhrp holdtime 360
ip tcp adjust-mss 1360
tunnel source Loopback0
tunnel mode gre multipoint
tunnel key 12345
tunnel protection ipsec profile DMVPN shared
!
