Configuring DMVPN Phase 3 Dual Hub

This post details the configuration on how to configure a DMVPN Phase 3 VPN in a Dual Hub Single Cloud. I previously wrote a post on configuring DMVPN Phase 2, refer to this post for more detailed information on configuring DMVPN. As per most previous posts GNS3 was used to lab the configuration. I had… Continue reading Configuring DMVPN Phase 3 Dual Hub

CCNP ROUTE 2.0: VPN Technologies

CCNP ROUTE 2.0 Exam Blueprint: VPN Technologies Configure and verify GRE Describe DMVPN Describe Easy Virtual Networking (EVN) Configure and Verify GRE Generic Routing Encapsulation (GRE) was designed to carry multiprotocol and IP multicast traffic between sites Encapsulated protocols included IP, Appletalk, DECnet or IPX GRE encapsulates an inside IP address within an outside IP… Continue reading CCNP ROUTE 2.0: VPN Technologies

Cisco ISR G2 Router bad IPSec performance

I’ve been testing a new DMVPN with IPSec encryption utilising brand new Cisco 3945 ISR G2 routers. I performed some basic performance tests using “iperf” with just a GRE tunnel (no encryption) between 2 sites and I was consistently getting 91Mbps throughput (not bad). Upon adding the encryption (AES-128) and re-running the tests the result… Continue reading Cisco ISR G2 Router bad IPSec performance

Configuring Dynamic Multipoint VPN (DMVPN)

The Dynamic Multipoint VPN (DMVPN) allows for a large scale IPSec VPN deployment with reduced configuration/complexity. It uses GRE, Next Hop Resolution Protocol (NHRP) and IPSec Encryption and unlike traditional IPSec VPNs DMVPN does not require Crypto ACLs, instead DMVPN requires a single mGRE tunnel interface and a single IPSec profile. In a large DMVPN… Continue reading Configuring Dynamic Multipoint VPN (DMVPN)