Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3426
Views
4
Helpful
2
Replies

Multiple DMVPN Instances on Same WAN Interface

Go to solution
Alioune Dieng
Cisco Employee
Cisco Employee

‎07-13-2012 03:24 AM - edited ‎02-21-2020 06:11 PM

Hi Folks,

Is it possible to run Multiple DMVPN Instances on a single WAN Interface ? Can we for example configure 3 Tunnels on a Router using one same WAN Interface but running separate EIGRP Instances for each Tunnel ? Kindly let me know , Alioune

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
nkarthikeyan
Level 7
Level 7

‎07-13-2012 07:35 AM

Hi Alioune,

Yes you can create DMVPN as you said with one WAN interface that is possible..... you can have multiple tunnel interfaces pointed to a WAN interface as the source interface which resides in public zone..... with different public ip's as the destination tunnel...

interface Tunnel1

description ** A-VPN Tunnel **

bandwidth 100000

ip vrf forwarding red

ip address 10.0.252.2 255.255.255.252

no ip redirects

no ip unreachables

no ip proxy-arp

ip mtu 1500

load-interval 60

tunnel source GigabitEthernet0/0 (WAN Interface)

tunnel destination  1.1.1.1

tunnel protection ipsec profile dmvpn

!

interface Tunnel1

description ** B-VPN Tunnel **

bandwidth 100000

ip vrf forwarding red

ip address 10.0.252.5 255.255.255.252

no ip redirects

no ip unreachables

no ip proxy-arp

ip mtu 1500

load-interval 60

tunnel source GigabitEthernet0/0 (WAN Interface)

tunnel destination  2.1.1.1

tunnel protection ipsec profile dmvpn

!

like the above..... shown sample...

Please rate if the given information helps!!!

View solution in original post

0 Helpful
2 Replies 2

Go to solution
nkarthikeyan
Level 7
Level 7

‎07-13-2012 07:35 AM

Hi Alioune,

Yes you can create DMVPN as you said with one WAN interface that is possible..... you can have multiple tunnel interfaces pointed to a WAN interface as the source interface which resides in public zone..... with different public ip's as the destination tunnel...

interface Tunnel1

description ** A-VPN Tunnel **

bandwidth 100000

ip vrf forwarding red

ip address 10.0.252.2 255.255.255.252

no ip redirects

no ip unreachables

no ip proxy-arp

ip mtu 1500

load-interval 60

tunnel source GigabitEthernet0/0 (WAN Interface)

tunnel destination  1.1.1.1

tunnel protection ipsec profile dmvpn

!

interface Tunnel1

description ** B-VPN Tunnel **

bandwidth 100000

ip vrf forwarding red

ip address 10.0.252.5 255.255.255.252

no ip redirects

no ip unreachables

no ip proxy-arp

ip mtu 1500

load-interval 60

tunnel source GigabitEthernet0/0 (WAN Interface)

tunnel destination  2.1.1.1

tunnel protection ipsec profile dmvpn

!

like the above..... shown sample...

Please rate if the given information helps!!!

0 Helpful

Go to solution
Karsten Iwen
VIP
VIP

‎07-13-2012 07:55 AM

Additionally to the VRF-solution there is a slightly easier solution:

You can have multiple DMVPN-tunnels between the same peers if you configure your tunnels with different tunnel-keys (which have to match with the remote side) and you add the parameter "shared" to your tunnel protection command:

int tunnel 1

...

tunnel key 11111

...

tunnel protection ipsec profile TUNNEL-PROFILE shared

!

int tunnel 2

...

tunnel key 22222

...

tunnel protection ipsec profile TUNNEL-PROFILE shared

Sent from Cisco Technical Support iPad App

Customers Also Viewed These Support Documents