Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1194
Views
5
Helpful
3
Replies

DMVPN USING RSA Encryption

Robby Prasetyo
Level 1
Level 1

‎06-02-2015 08:45 PM - edited ‎02-21-2020 08:15 PM

Dear Guys..

 

Curently we deploy DMVPN Hub-Spoke from HQ to all of branches using Pre shared keys for the authentication method. We plan to change using RSA encryption for AUTH.  Do anybody have doc to deploy DMVPN using RSA Encryption...? 

 

Thanks & Regards

 

Robby

 

 

 

Labels:
0 Helpful
3 Replies 3

Marcin Latosiewicz
Cisco Employee
Cisco Employee

‎06-03-2015 05:11 AM

Robby,

 

Truth be told, authentication method is agnostic of what you're transporting over (in this case GRE).

Any example with IKEv1 and rsa-encr should be good enough. 

 

However that being said, I'm not aware of any NEW deployments that would be using rsa-encr for authentication, I've seen only a couple legacy deployments. 

What's the reason to go for it? Most of the people will move to certificates and rsa-sig ... it's more manageable and provides more options. 

M. 

0 Helpful

Robby Prasetyo
Level 1
Level 1
In response to Marcin Latosiewicz

‎06-04-2015 06:58 PM

Dear Marcin,,

 

Thanks for the response...for Certificates..and rsa Sig...it doesn't need purchase any license .right? can be generate in our HUB Router ?  

0 Helpful

Boris Uskov
Level 4
Level 4
In response to Robby Prasetyo

‎06-05-2015 03:19 AM

Hi, Robby.

 

Sure, you don't need any additional liceses to change auth method from PSK to Certificates. And, yes, you can use your HUB Router as Certificate Authority (CA) and issue certificates for SPOKES.

I believe, this link can help you:

http://www.cisco.com/c/en/us/support/docs/security/dynamic-multipoint-vpn-dmvpn/117688-config-dmvpn-00.html

Customers Also Viewed These Support Documents