| Line 10: |
Line 10: |
| | <li>At least two RUT9xx routers</li> | | <li>At least two RUT9xx routers</li> |
| | <li>A PC to configure the routers</li> | | <li>A PC to configure the routers</li> |
| − | <li>(optional) A Cisco router</li>
| |
| | </ul> | | </ul> |
| | ---- | | ---- |
| Line 83: |
Line 82: |
| | ---- | | ---- |
| | <b>Step 4</b>: save changes | | <b>Step 4</b>: save changes |
| − |
| |
| − | ==Cisco configuration==
| |
| − |
| |
| − | If you plan on using a Cisco router with this topology, you can use the configuration provided in this section. The configuration is set in accordance with the configuration scheme in [[DMVPN_configuration#Prerequisites_and_overview|section 2]] of this article.
| |
| − |
| |
| − | ===Cisco Spoke configuration: DMVPN===
| |
| − | ----
| |
| − |
| |
| − | crypto isakmp policy 1
| |
| − | encr aes
| |
| − | hash md5
| |
| − | authenticatio pre-share
| |
| − | group 5
| |
| − | !
| |
| − | crypto isakmp key 1234 address 192.168.1.30
| |
| − | !
| |
| − | !
| |
| − | crypto ipsec transform-set DMVPN-TS esp-3des esp-md5-sha256
| |
| − | mode transport
| |
| − | !
| |
| − | crypto ipsec profile DMVPN
| |
| − | set security-association lifetime secnds 86400
| |
| − | set transform-set DMVPN-TS
| |
| − | !
| |
| − | interface Tunnel0
| |
| − | description mGRE - DMVPN Tunnel
| |
| − | ip address 10.1.1.1 255.255.255.0
| |
| − | ip nhrp network-id 1
| |
| − | ip nhrp nhs 10.1.1.3 nbma 192.168.1.30
| |
| − | ip nhrp shortcut
| |
| − | ip nhrp redirect
| |
| − | tunnel source GigabitEthernet0/0/1
| |
| − | tunnel destination 192.168.1.30
| |
| − | tunnel key 1234
| |
| − | tunnel protectio ipsec profile DMVPN
| |
| − | !
| |
| − | interface GigabitEthernet0/0/1
| |
| − | description Wired DMVPN
| |
| − | ip address 192.168.1.100 255.255.255.0
| |
| − | negotiation auto
| |
| − |
| |
| − | ===Cisco Spoke configuration: BGP===
| |
| − | ----
| |
| − |
| |
| − | router bgp 65001
| |
| − | bgp log-neighbor-changes
| |
| − | network 10.1.1.0 mask 255.255.255.0
| |
| − | neighbor spokes-ibgp peer-group
| |
| − | neighbor spokes-ibgp remote-as 65001
| |
| − | neighbor spokes-ibgp route-reflector-client
| |
| − | neighbor spokes-ibgp soft-reconfiguration inbound
| |
| − | neighbor 10.1.1.3 peer-group spokes-ibgp
| |
| − |
| |
| − | ===Cisco Hub configuration===
| |
| − | ----
| |
| − | interface Tunnel0
| |
| − | description mGRE - DMVPN Tunnel
| |
| − | ip address 10.1.1.1 255.255.255.0
| |
| − | ip nhrp network-id 1
| |
| − | ip nhrp nhs dynamic nbma multicast
| |
| − | ip nhrp shortcut
| |
| − | ip nhrp redirect
| |
| − | tunnel source GigabitEthernet0/0/1
| |
| − | tunnel key 1234
| |
| − | tunnel protection ipsec profile DMVPN
| |
| − | !
| |
| − | router bgp 65001
| |
| − | bgp log-neighbor-changes
| |
| − | network 10.1.1.0 mask 255.255.255.0
| |
| − | neighbor spokes-ibgp peer-group
| |
| − | neighbor spokes-ibgp remote-as 65001
| |
| − | neighbor spokes-ibgp route-reflector-client
| |
| − | neighbor spokes-ibgp soft-reconfiguration inbound
| |
| − | neighbor 10.1.1.3 peer-group spokes-ibgp
| |
| − | neighbor 10.1.1.2 peer-group spokes-ibgp
| |