Line 10: |
Line 10: |
| <li>At least two RUT9xx routers</li> | | <li>At least two RUT9xx routers</li> |
| <li>A PC to configure the routers</li> | | <li>A PC to configure the routers</li> |
− | <li>(optional) A Cisco router</li>
| |
| </ul> | | </ul> |
| ---- | | ---- |
Line 83: |
Line 82: |
| ---- | | ---- |
| <b>Step 4</b>: save changes | | <b>Step 4</b>: save changes |
− |
| |
− | ==Cisco configuration==
| |
− |
| |
− | If you plan on using a Cisco router with this topology, you can use the configuration provided in this section. The configuration is set in accordance with the configuration scheme in [[DMVPN_configuration#Prerequisites_and_overview|section 2]] of this article.
| |
− |
| |
− | ===Cisco Spoke configuration: DMVPN===
| |
− | ----
| |
− |
| |
− | crypto isakmp policy 1
| |
− | encr aes
| |
− | hash md5
| |
− | authenticatio pre-share
| |
− | group 5
| |
− | !
| |
− | crypto isakmp key 1234 address 192.168.1.30
| |
− | !
| |
− | !
| |
− | crypto ipsec transform-set DMVPN-TS esp-3des esp-md5-sha256
| |
− | mode transport
| |
− | !
| |
− | crypto ipsec profile DMVPN
| |
− | set security-association lifetime secnds 86400
| |
− | set transform-set DMVPN-TS
| |
− | !
| |
− | interface Tunnel0
| |
− | description mGRE - DMVPN Tunnel
| |
− | ip address 10.1.1.1 255.255.255.0
| |
− | ip nhrp network-id 1
| |
− | ip nhrp nhs 10.1.1.3 nbma 192.168.1.30
| |
− | ip nhrp shortcut
| |
− | ip nhrp redirect
| |
− | tunnel source GigabitEthernet0/0/1
| |
− | tunnel destination 192.168.1.30
| |
− | tunnel key 1234
| |
− | tunnel protectio ipsec profile DMVPN
| |
− | !
| |
− | interface GigabitEthernet0/0/1
| |
− | description Wired DMVPN
| |
− | ip address 192.168.1.100 255.255.255.0
| |
− | negotiation auto
| |
− |
| |
− | ===Cisco Spoke configuration: BGP===
| |
− | ----
| |
− |
| |
− | router bgp 65001
| |
− | bgp log-neighbor-changes
| |
− | network 10.1.1.0 mask 255.255.255.0
| |
− | neighbor spokes-ibgp peer-group
| |
− | neighbor spokes-ibgp remote-as 65001
| |
− | neighbor spokes-ibgp route-reflector-client
| |
− | neighbor spokes-ibgp soft-reconfiguration inbound
| |
− | neighbor 10.1.1.3 peer-group spokes-ibgp
| |
− |
| |
− | ===Cisco Hub configuration===
| |
− | ----
| |
− | interface Tunnel0
| |
− | description mGRE - DMVPN Tunnel
| |
− | ip address 10.1.1.1 255.255.255.0
| |
− | ip nhrp network-id 1
| |
− | ip nhrp nhs dynamic nbma multicast
| |
− | ip nhrp shortcut
| |
− | ip nhrp redirect
| |
− | tunnel source GigabitEthernet0/0/1
| |
− | tunnel key 1234
| |
− | tunnel protection ipsec profile DMVPN
| |
− | !
| |
− | router bgp 65001
| |
− | bgp log-neighbor-changes
| |
− | network 10.1.1.0 mask 255.255.255.0
| |
− | neighbor spokes-ibgp peer-group
| |
− | neighbor spokes-ibgp remote-as 65001
| |
− | neighbor spokes-ibgp route-reflector-client
| |
− | neighbor spokes-ibgp soft-reconfiguration inbound
| |
− | neighbor 10.1.1.3 peer-group spokes-ibgp
| |
− | neighbor 10.1.1.2 peer-group spokes-ibgp
| |