Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1123
Views
0
Helpful
5
Replies

DMVPN without IPsec

Go to solution
adancso
Level 1
Level 1

‎09-12-2005 04:06 AM - edited ‎02-21-2020 01:57 PM

Hi all,

Is the running of DMVPN without IPsec a supported configuration?

I'm testing it at the moment and hubs are loosing conncetivity with spokes. I'm wondering if it is beacuse of not using IPsec.

Anyone tried this?

Attila

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions
5 Replies 5

Go to solution
Richard Burts
Hall of Fame
Hall of Fame

‎09-12-2005 07:47 AM

Attila

I am not clear what you are attempting to achieve in trying to run DMVPN without IPSec. DMVPN is one way to run VPN. A VPN is predicated on the protections that IPSec provides. So what is the point of running DMVPN without IPSec?

One of the things that DMVPN does provide is a multi-point tunnel. If you are trying to do multi-point tunnel then there is multi-point GRE which would give you multi-point capability on the tunnel.

If that is not what you are trying to achieve then help us understand better what it is that you need to be able to do.

HTH

Rick

HTH

Rick
0 Helpful

Go to solution
asp13
Level 1
Level 1

‎09-13-2005 09:33 AM

I suppose you meant NHRP. If so look at the http://www.cisco.com/en/US/products/ps6350/products_configuration_guide_chapter09186a0080435815.html

0 Helpful

Go to solution
t.rusch
Level 1
Level 1

‎09-22-2005 04:03 AM

Hey adancso,

we are currently deploying DMVPN with and without IPSEC support. So far, we haven't seen a connection loss between spoke and hub.

friendly regards

0 Helpful

Go to solution
ccnpccnp77
Level 1
Level 1
In response to t.rusch

‎04-09-2006 10:35 PM

rusch, i need your help. I now have a FR network connecting a central site and many remote sites. Later i have a VPDN network from provider, and I wish them to become the backups for FRs.

for the VPN,the central site connects to provider with 10M, and remote sites connect by ADSL modem which will get one private fixed IP(like 192.168.1.1) each time. the provider has set up the VPN for me, and remote sites can connect to central site and can't access internet which is restricted by our policy. but the central site can't access remote sites since IPs within remote site's LAN are all NATed on ADSL modem. this means the VPN is a clients-to-site VPN. but i wish to create a site-to-site VPN since we have application requiring central-to-remote access. so i wished to create the site-to-site by GRE tunnel withou IPsec. this should be a multipoint GRE tunnel with hub and spokes. The spokes don't need to access each other, and only need to access central site.

Is NHRP needed here? can you help me with your sound GRE without Ipsec experience?

0 Helpful

Go to solution
mheusinger
Level 10
Level 10
In response to ccnpccnp77

‎04-09-2006 11:29 PM

Hello,

You can use DMVPN with dynamic routing across the GRE tunnels. Have a look at "Dynamic Multipoint VPN (DMVPN)"

http://www.cisco.com/en/US/products/ps6350/products_configuration_guide_chapter09186a0080455c71.html

or "Understanding GRE with DMVPN"

http://www.cisco.com/en/US/products/sw/cscowork/ps3994/products_user_guide_chapter09186a00801f5966.html#wp1323409

Hope this helps! Please rate all posts.

Regards, Martin

0 Helpful
Customers Also Viewed These Support Documents