Link to home
Start Free TrialLog in
Avatar of cpatte7372
cpatte7372Flag for United Kingdom of Great Britain and Northern Ireland

asked on

DMVPN mGRE vs IPSec VPN

Hello Experts,

I'm looking for help compiling convincing arguments why my company should migrate from their existing IPSec VPN to Ciscos DMVPN.

Just so you know I fully understand why DMVPN is a better option if you were creating an IP VPN from scratch. However, I'm trying to convince the organisation to tear down existing and rebuild their IP VPN with Cisco's DMVPN.

I'm very interested to hear what experts come back with on this topic

cpatte7372
Avatar of rauenpc
rauenpc
Flag of United States of America image
Some of my arguments would depend on existing configuration.
Are you running GRE over IPSEC in any way?
Are you using static routes to get traffic to go through the tunnels? Are these routes being redistributed into routing protocols?
Do you have multiple head ends or redundant tunnels?
Any need or desire for spoke to spoke traffic?
What hardware is used for the tunnels today? ASA's, routers, etc.
Any expected site growth or additions?
How often are changes made, such as adding/removing subnets at the hubs or spokes?
Avatar of cpatte7372
cpatte7372
Flag of United Kingdom of Great Britain and Northern Ireland image

ASKER

We are running GRE over IPSEC in tunnel mode
We use static routes which are being redistributed into eigrp
We have multiple headends.
Spoke to spoke allows for a fully meshed environment.
We use 887 for the tunnels.
There is a mild expectation in growth,


So, what do you experts think?
ASKER CERTIFIED SOLUTION
Avatar of Matt V
Matt V
Flag of Canada image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of cpatte7372
cpatte7372
Flag of United Kingdom of Great Britain and Northern Ireland image

ASKER

Cheers