08-20-2020 05:10 AM - edited 08-20-2020 05:10 AM
Hi,
I would like to know with cisco DMVPN solution,
"only HUB site need to have Public IP address and the other spoke sites do not need to have public IP address"
Is it correct? As long as the spoke sites get access to the internet, DMVPN will be work ?
If it can be work, how about spoke to spoke connection? it can also be work with no public ip address on spoke sites?
We are planning to use DMVPN for our organization and public ip address requirement is really confused for me.
Thank you all !
Solved! Go to Solution.
08-20-2020 05:45 AM
HUB required static IP with stable connection.
Spoke - can be any media as long as they able to reach HUB IP address to build the tunnel.
08-20-2020 05:12 AM
YES , DMVPN HUB need to have Public IP, Spokes can be dynamic.
08-20-2020 05:23 AM
08-20-2020 05:45 AM
HUB required static IP with stable connection.
Spoke - can be any media as long as they able to reach HUB IP address to build the tunnel.
08-20-2020 06:51 AM
08-20-2020 07:03 AM
PNET/EVE-NG nice tool for PoC and Labbing. Nice stuff and test.
08-20-2020 05:38 AM
In my opinion you need:
HUB: public static ip
Spoke: static or dynamic public ip
08-20-2020 09:49 AM - edited 08-20-2020 09:51 AM
As mentioned by others, hub and spoke(s) need public IPs (on/across the Internet). The major difference, though, is the hub needs to be fixed/static, while spoke(s) can be dynamically assigned public IPs.
The reason for this, on the spoke(s) you configure the hub's public IP (so the spoke "knows") where to send its traffic. Using NHRP the spoke can inform the hub what IP it's using. The spoke informs the hub, what IP to send a particular spoke's traffic to.
Of course, a spoke can also use a static/fixed IP too.
I believe spoke-to-spoke also works with spokes having dynamic IPs. Basically, a spoke will query the hub for what IP the other spoke is using. (I've built Internet DMVPN using both static and dynamic spoke IPs, but have not done spoke-to-spoke, where a tunnel is dynamically built between spokes [as there's are, or were, considerations for using this feature].)
BTW, if a spoke's IP is dynamically changed (while being used), I believe it informs the hub. I.e. DMVPM will continue to work between hub and spoke, although there might be a network "blip".
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: