Virtual PrivateNetworks(VPN) Dynamic Multipoint VPN(DMVPN)
IX20 User Guide
608
Command line
1. At the command line, type config to enter configuration mode:
> config
(config)>
2. Add an interface named gre_interface2:
(config)> add network interface gre_interface2
(config network interface gre_interface2)>
3. Set the zone to internal:
(config network interface gre_interface2)> zone internal
(config network interface gre_interface2)>
4. Set the device to the GREtunnel created in Task three (/vpn/iptunnel/gre_tunnel2):
(config network interface gre_interface2)> device /vpn/iptunnel/gre_
tunnel2
(config network interface gre_interface2)>
5. Set 172.31.0.2/30 as the virtual IPaddress on the GREtunnel:
(config network interface gre_interface2)> ipv4 address 172.31.0.2/30
(config network interface gre_interface2)>
6. Save the configuration and apply the change
(config network interface gre_interface2)> save
Configuration saved.
>
7. Type exit to exit the Admin CLI.
Depending on your device configuration, you may be presented with an Access selection
menu. Type quit to disconnect from the device.
Dynamic Multipoint VPN (DMVPN)
Dynamic Multipoint Virtual Private Network (DMVPN) isa dynamic tunneling form of a virtual private
network (VPN), using a multi spoke-to-hub network in which the network addresses of the spoke
routers do not need to be known, and therefore do not need to be configured in the hub router.
One advantage to this form of VPNisa scalable network in which the size of the hub configuration is
minimized. When onespokeof the network needs to send traffic to another spoke, a direct transfer is
possible without having to add any load onto the hub. This is achieved by the creation of a dynamic
GREtunnel directly to the other spoke. The network address of the target spoke is resolved with the
use of Next Hop Resolution Protocol (NHRP).
This section contains the following topics:
Configure a DMVPN spoke 609
To Next Page
Loading...
Need help?
General