cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1629
Views
0
Helpful
5
Replies

Replaced router DMVPN broken, Help!

Hi all,

I'm beginning to rip my own hair out now, I've been trying for a week to figure out where I've gone wrong!

I had multiple C1921s running dmvpn and have recently upgraded the hub router to a C3945, copied over and adjusted the config where necessary but for some reason I'm having issues. The routers form EIGRP adjacencies successfully and I can ping the LAN interface IPs all round however the clients can not pass traffic and I still have no idea why.

I feel like I'm probably missing something simple that I'm just being blind to, so if anyone has any ideas I've included snippets of my configs. 

 

hostname HUB
!
crypto isakmp policy 10
 encr aes 192
 hash md5
 authentication pre-share
 group 2
!
crypto isakmp key MYKEY address 0.0.0.0
!
crypto ipsec transform-set DMVPN-TRANS-SET esp-aes 256 esp-md5-hmac
 mode tunnel
!
crypto ipsec profile DMVPN-PROFILE
 set security-association lifetime seconds 120
 set transform-set DMVPN-TRANS-SET
!
interface Tunnel0
 ip address 172.16.0.1 255.240.0.0
 no ip redirects
 ip mtu 1440
 no ip next-hop-self eigrp 10
 no ip split-horizon eigrp 10
 ip nhrp authentication MYKEY
 ip nhrp map multicast dynamic
 ip nhrp network-id 1
 tunnel source Dialer1
 tunnel mode gre multipoint
 tunnel key 0
 tunnel protection ipsec profile DMVPN-PROFILE
!
router eigrp 10
 network 10.0.0.0 0.0.0.255
 network 10.0.1.0 0.0.0.255
 network 172.16.0.0 0.15.255.255
hostname SPOKE
!
crypto isakmp policy 10
 encr aes 192
 hash md5
 authentication pre-share
 group 2
!
crypto isakmp key MYKEY address 0.0.0.0        
!
crypto ipsec transform-set DMVPN-TRANS-SET esp-aes 256 esp-md5-hmac 
 mode tunnel
!
crypto ipsec profile DMVPN-PROFILE
 set security-association lifetime seconds 120
 set transform-set DMVPN-TRANS-SET 
!
interface Tunnel0
 ip address 172.16.0.6 255.240.0.0
 no ip redirects
 ip mtu 1440
 ip nhrp authentication MYKEY
 ip nhrp map 172.16.0.1 xxx.xxx.xxx.xxx
 ip nhrp map multicast xxx.xxx.xxx.xxx
 ip nhrp network-id 1
 ip nhrp nhs 172.16.0.1
 tunnel source GigabitEthernet0/0
 tunnel mode gre multipoint
 tunnel key 0
 tunnel protection ipsec profile DMVPN-PROFILE
!
router eigrp 10
 network 10.0.6.0 0.0.0.255
 network 172.16.0.0 0.15.255.255

What am I missing? 😫

 


Thanks in advance for any help! 

-Yanni