cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
483
Views
0
Helpful
1
Replies

hub and spoke vpn between ios routers with dynamic ip spokes

macmoony1
Level 1
Level 1

Hi,

we are looking at a hub-spoke ipsec implementation were the spokes will be issued with dynamic ips. The hub and spokes will be IOS routers. If we use a wildcard pre-shared key can the spoke routers be configured as xauth clients? What other options would be available to enhance the security in this scenario?

danke

1 Reply 1

Lei Tian
Cisco Employee
Cisco Employee

Hi Danke,

Both EZVPN and DMVPN can support dynamic IP on spoke. Check the configuration example

http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6635/ps6659/prod_white_paper0900aecd80313bdb.pdf

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_white_paper09186a008018983e.shtml#dualhubsingle

I prefer DMVPN, because it supports routing, spoke to spoke communication, multicast.

HTH,

Lei Tian

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: