Cisco: DMVPN

From Frotmail Projects
Jump to navigation Jump to search

HUB

hostname hub
!
crypto isakmp policy 10
 encr aes 256
 authentication pre-share
 group 16
 lifetime 3600
crypto isakmp key mylab123 address 192.168.2.2
crypto isakmp key mylab123 address 192.168.2.3
!
crypto ipsec transform-set tset esp-aes esp-sha-hmac
!
crypto ipsec profile myprofile
 set transform-set tset
!
interface Tunnel1
 ip address 10.1.1.1 255.255.255.0
 ip mtu 1400
 ip tcp adjust-mss 1360
 no ip redirects
 no ip next-hop-self eigrp 1
 ip nhrp authentication dmvpntst
 ip nhrp map multicast dynamic
 ip nhrp network-id 1
 no ip split-horizon eigrp 1
 tunnel source Vlan1
 tunnel mode gre multipoint
 tunnel key 12345
 tunnel protection ipsec profile myprofile
 !
!
interface Vlan1
 ip address 192.168.2.77 255.255.255.0
 !
!
router eigrp 1
 network 10.0.0.0
!

Spoke1

hostname spoke1
!
crypto isakmp policy 10
 encr aes 256
 authentication pre-share
 group 16
 lifetime 3600
crypto isakmp key mylab123 address 192.168.2.77
crypto isakmp key mylab123 address 192.168.2.3
!
crypto ipsec transform-set tset esp-aes esp-sha-hmac
!
crypto ipsec profile myprofile
 set transform-set tset
!
interface Tunnel1
 ip address 10.1.1.2 255.255.255.0
 ip mtu 1400
 ip tcp adjust-mss 1360
 no ip redirects
 ip nhrp authentication dmvpntst
 ip nhrp map 10.1.1.1 192.168.2.77
 ip nhrp map multicast 192.168.2.77
 ip nhrp network-id 1
 ip nhrp nhs 10.1.1.1
 tunnel source FastEthernet0
 tunnel mode gre multipoint
 tunnel key 12345
 tunnel protection ipsec profile myprofile
 !
!
interface FastEthernet0
 ip address 192.168.2.2 255.255.255.0
 duplex auto
 speed auto
 !
!
router eigrp 1
 network 10.0.0.0
!

Spoke2

hostname spoke2
!
crypto isakmp policy 10
 encr aes 256
 authentication pre-share
 group 16
 lifetime 3600
crypto isakmp key mylab123 address 192.168.2.77
crypto isakmp key mylab123 address 192.168.2.2
!
crypto ipsec transform-set tset esp-aes esp-sha-hmac
!
crypto ipsec profile myprofile
 set transform-set tset
!
interface Tunnel1
 ip address 10.1.1.3 255.255.255.0
 ip mtu 1400
 ip tcp adjust-mss 1360
 no ip redirects
 ip nhrp authentication dmvpntst
 ip nhrp map 10.1.1.1 192.168.2.77
 ip nhrp map multicast 192.168.2.77
 ip nhrp network-id 1
 ip nhrp nhs 10.1.1.1
 tunnel source FastEthernet0
 tunnel mode gre multipoint
 tunnel key 12345
 tunnel protection ipsec profile myprofile
!
interface FastEthernet0
 ip address 192.168.2.3 255.255.255.0
 duplex auto
 speed auto
!
router eigrp 1
 network 10.0.0.0
!
Retrieved from "https://wiki.frotmail.nl/index.php?title=Cisco:_DMVPN&oldid=23"