Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2198
Views
0
Helpful
2
Replies

Full Mesh or Hub and Spoke?

Charger1129
Level 1
Level 1

‎02-06-2016 12:59 PM

Hello! I was wondering if I can get some opinions on doing a network as a Full Mesh or Hub and Spoke design. I have about 20 sites all over with primarily Cisco ASA firewalls anywhere from 5505, 5506, 5510, 5520, 5515 and they all have site-to-site VPN tunnels. 

I really like the idea of a full mesh design, creates some redundancy and allows the locations to get to each other without having to go through a central Hub. However, maintaining all the tunnels is not the easiest thing in the world and can be time consuming.

Was curious what other folks thought and if they've run in to the same issues trying to do a Full Mesh design. 

Labels:
0 Helpful
2 Replies 2

Philip D'Ath
VIP Alumni
VIP Alumni

‎02-06-2016 10:39 PM

If you were using Cisco IOS routers then you could use DMVPN, and this would be trivial ...

In an ASA environment like this it is not practical to do a full mesh.  The configs would be huge and unmanageable.

0 Helpful

Charger1129
Level 1
Level 1
In response to Philip D'Ath

‎02-09-2016 07:50 PM

Yea that's the challenge I'm having, managing all the tunnels is a bit inconvenient. 

0 Helpful
Customers Also Viewed These Support Documents