Line 77: |
Line 77: |
| <b>Step 3</b>: configure DMVPN Phase 2 parameters: | | <b>Step 3</b>: configure DMVPN Phase 2 parameters: |
| | | |
− | - Encryption algorithm - AES 128
| + | 1. Encryption algorithm - AES 128 |
| | | |
− | - Hash algorithm - SHA256
| + | 2. Hash algorithm - SHA256 |
| | | |
− | - PFS group -MODP3072
| + | 3. PFS group -MODP3072 |
| | | |
− | <br>[[File:DMVPN phase3 example3.png|alt=|border]] | + | <br>[[File:Hub phase2 fix.png|alt=|border]] |
| ---- | | ---- |
| <b>Step 4</b>: configure DMVPN NHRP parameters: | | <b>Step 4</b>: configure DMVPN NHRP parameters: |
| | | |
− | In the NHRP parameters section, it is important to enable REDIRECT option, which is essential to our Phase 3 configuration. | + | In the NHRP parameters section, it is important to enable '''REDIRECT''' option, which is essential to our Phase 3 configuration. |
| | | |
− | <br>[[File:DMVPN HUB Phase3 example4.png|border|class=tlt-border]] | + | <br>[[File:Redirect.png|alt=|border]] |
| ---- | | ---- |
| <b>Step 5</b>: save changes | | <b>Step 5</b>: save changes |
Line 99: |
Line 99: |
| <b>Step 1</b>: enable BGP and configure General section: | | <b>Step 1</b>: enable BGP and configure General section: |
| | | |
− | - Enable vty
| + | 1. Enable vty |
| | | |
− | - Set AS to 65000
| + | 2. Set AS to 65000 |
| | | |
− | - Set BGP router ID for easier management.
| + | 3. Set BGP router ID for easier management. |
| | | |
− | - Set announcement network(s). Routes to these networks will be shared over BGP. We used 192.168.1.0/24
| + | 4. Set announcement network(s). Routes to these networks will be shared over BGP. We used 192.168.1.0/24 |
| | | |
− | - "NHRP routes" selection should be applied under the "Redistribution options" section
| + | 5. "NHRP routes" selection should be applied under the "Redistribution options" section |
| | | |
− | <br>[[File:DMVPN HUB Phase3 example5.png|border|class=tlt-border]] | + | <br>[[File:Hub bgp.png|alt=|border]] |
| ---- | | ---- |
| | | |