Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
494
Views
0
Helpful
1
Replies

hub and spoke vpn between ios routers with dynamic ip spokes

macmoony1
Level 1
Level 1

‎02-21-2010 02:42 PM

Hi,

we are looking at a hub-spoke ipsec implementation were the spokes will be issued with dynamic ips. The hub and spokes will be IOS routers. If we use a wildcard pre-shared key can the spoke routers be configured as xauth clients? What other options would be available to enhance the security in this scenario?

danke

Labels:
0 Helpful
1 Reply 1

Lei Tian
Cisco Employee
Cisco Employee

‎02-21-2010 06:16 PM

Hi Danke,

Both EZVPN and DMVPN can support dynamic IP on spoke. Check the configuration example

http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6635/ps6659/prod_white_paper0900aecd80313bdb.pdf

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_white_paper09186a008018983e.shtml#dualhubsingle

I prefer DMVPN, because it supports routing, spoke to spoke communication, multicast.

HTH,

Lei Tian

0 Helpful
Customers Also Viewed These Support Documents