05-04-2011 08:30 AM - edited 02-21-2020 05:19 PM
Does anyone have an example of using multiple DMVPN Networks and VRF interfaces (no MPLS)
I have a requirment to use a common link to forward three isolated networks spoke to Hub as encrypted data. It could be VTI I dont mind, but I cant use MPLS.
Thanks
Solved! Go to Solution.
05-04-2011 02:24 PM
Hi,
"back in the day" I did made this config:
http://isamology.blogspot.com/2010/01/ipsec-and-vrfs-so-whos-doing-vrf.html
But normally I assume you've seen this:
http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6660/prod_white_paper0900aecd8034be03_ps6658_Products_White_Paper.html
Same principles apply to VRF lite regardless of VTI/DMVPN/GREoIPsec configuration.
tunnel vrf = Front door VRF
ip vrf forwarding = inside VRF
Now if you add Nico's cheat sheet (for isakmp profiles mostly where needed) you should be all set.
https://supportforums.cisco.com/docs/DOC-13524
Marcin
05-04-2011 02:24 PM
Hi,
"back in the day" I did made this config:
http://isamology.blogspot.com/2010/01/ipsec-and-vrfs-so-whos-doing-vrf.html
But normally I assume you've seen this:
http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6660/prod_white_paper0900aecd8034be03_ps6658_Products_White_Paper.html
Same principles apply to VRF lite regardless of VTI/DMVPN/GREoIPsec configuration.
tunnel vrf = Front door VRF
ip vrf forwarding = inside VRF
Now if you add Nico's cheat sheet (for isakmp profiles mostly where needed) you should be all set.
https://supportforums.cisco.com/docs/DOC-13524
Marcin
05-05-2011 01:37 AM
Great reply, just what I neded. Thanks muchly.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide