alimohammed72
asked on
DMVPN configuration example
Hi
1.I am looking for config sample for spoke -to-spoke directly
2.I am looking for config sample for spoke -to-spoke VIA hub
Thanks in ADVANCE
1.I am looking for config sample for spoke -to-spoke directly
2.I am looking for config sample for spoke -to-spoke VIA hub
Thanks in ADVANCE
asavener
Something like this? http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a008019d6f7.shtml
You might also want to investigate the new technology GET VPN.
ASKER
this is good for sopke to spoke via HUB but I am looking for SPOKE-SPOKE directly
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Here is my working config for spoke to spoke,
HUB using EIGRP)
crypto isakmp policy 1
authentication pre-share
crypto isakmp key dmvpn address 0.0.0.0
!
crypto ipsec transform-set trans2 esp-3des esp-sha-hmac
mode transport
!
crypto ipsec profile dmvpnprof
set transform-set trans2
interface Tunnel0
bandwidth 1000
ip address 172.16.1.3 255.255.255.0
ip mtu 1400
ip nhrp authentication donttell
ip nhrp map multicast dynamic
ip nhrp network-id 99
ip nhrp holdtime 300
no ip route-cache
no ip split-horizon eigrp 200
ip tcp adjust-mss 1360
delay 1000
tunnel source <add physical interface here>
tunnel mode gre multipoint
tunnel key 12345
tunnel protection ipsec profile dmvpnprof
SPOKE X;
crypto isakmp policy 1
authentication pre-share
crypto isakmp key dmvpn address 0.0.0.0
!
crypto ipsec transform-set trans2 esp-3des esp-sha-hmac
mode transport
!
crypto ipsec profile dmvpnprof
set transform-set trans2
!
interface Tunnel0
bandwidth 1000
ip address 172.16.1.6 255.255.255.0
ip mtu 1400
ip nhrp authentication donttell
ip nhrp map multicast dynamic
ip nhrp map 172.16.1.3 201.1.36.3
ip nhrp map multicast 201.1.36.3
ip nhrp nhs 172.16.1.3
ip nhrp network-id 99
ip nhrp holdtime 300
ip tcp adjust-mss 1360
delay 1000
tunnel source <add physical interface>
tunnel mode gre multipoint
tunnel key 12345
tunnel protection ipsec profile dmvpnprof
harbor235 ;}
HUB using EIGRP)
crypto isakmp policy 1
authentication pre-share
crypto isakmp key dmvpn address 0.0.0.0
!
crypto ipsec transform-set trans2 esp-3des esp-sha-hmac
mode transport
!
crypto ipsec profile dmvpnprof
set transform-set trans2
interface Tunnel0
bandwidth 1000
ip address 172.16.1.3 255.255.255.0
ip mtu 1400
ip nhrp authentication donttell
ip nhrp map multicast dynamic
ip nhrp network-id 99
ip nhrp holdtime 300
no ip route-cache
no ip split-horizon eigrp 200
ip tcp adjust-mss 1360
delay 1000
tunnel source <add physical interface here>
tunnel mode gre multipoint
tunnel key 12345
tunnel protection ipsec profile dmvpnprof
SPOKE X;
crypto isakmp policy 1
authentication pre-share
crypto isakmp key dmvpn address 0.0.0.0
!
crypto ipsec transform-set trans2 esp-3des esp-sha-hmac
mode transport
!
crypto ipsec profile dmvpnprof
set transform-set trans2
!
interface Tunnel0
bandwidth 1000
ip address 172.16.1.6 255.255.255.0
ip mtu 1400
ip nhrp authentication donttell
ip nhrp map multicast dynamic
ip nhrp map 172.16.1.3 201.1.36.3
ip nhrp map multicast 201.1.36.3
ip nhrp nhs 172.16.1.3
ip nhrp network-id 99
ip nhrp holdtime 300
ip tcp adjust-mss 1360
delay 1000
tunnel source <add physical interface>
tunnel mode gre multipoint
tunnel key 12345
tunnel protection ipsec profile dmvpnprof
harbor235 ;}