Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Users might experience few discrepancies in Search results. We are working on this on our side. We apologize for the inconvenience it may have caused.
New Member

Unable to configure DMVPN HUB over DynDns

Dear All,

I have been using DMVPN HUB (via Static IP) and Spoke(via Dynamic) setup for 30 sites and running perfectly now I want to create another DMVPN HUB over Dyndns and spoke will remain on Dynamic IP.

 

Please can you help me out how to configure DynDns entry on HUB and Spoke sites. following are the running configuration for HUB (Static) and Spoke (Dynamic)

 

Running HUB and Spoke Configuration:

DMVPN HUB

 

crypto isakmp policy 1

authentication pre-share

crypto isakmp key abcd123456789 address 0.0.0.0 0.0.0.0

crypto isakmp invalid-spi-recovery

!

!

crypto ipsec transform-set trans2 esp-des esp-md5-hmac

 mode transport

!

crypto ipsec profile vpnprof

set transform-set trans2

!

!

!

!

ip ssh time-out 60

ip ssh version 2

!

!

!

interface Tunnel0

bandwidth 16384

ip address 10.0.0.1 255.255.255.0

no ip proxy-arp

ip mtu 1400

ip bandwidth-percent eigrp 1 30

ip authentication mode eigrp 1 md5

ip authentication key-chain eigrp 1 AGIKEYCHAIN

ip nhrp authentication 12345

ip nhrp map multicast dynamic

ip nhrp network-id 100000

ip nhrp holdtime 600

no ip split-horizon eigrp 1

ip policy route-map VPN-INTERNET

delay 1000

tunnel source GigabitEthernet0/0

tunnel mode gre multipoint

tunnel key 100000

tunnel protection ipsec profile vpnprof

!

interface GigabitEthernet0/0

description Connected to AGI_DC_CS2 port gi2/42

ip address 83.xxx.xx.26 255.255.255.xx

no ip proxy-arp

duplex full

speed auto

!

interface GigabitEthernet0/1

ip address 192.168.10.3 255.255.255.0

no ip proxy-arp

duplex auto

speed auto

!

interface Serial0/1/0

no ip address

shutdown

no fair-queue

clock rate 2000000

!

router eigrp 1

redistribute static

network 10.0.0.0 0.0.0.255

network 192.168.10.3 0.0.0.0

no auto-summary

!

 

DMVPN SPOKE:

crypto isakmp policy 1

authentication pre-share

crypto isakmp key abcd123456789  address 0.0.0.0       

crypto isakmp invalid-spi-recovery

crypto isakmp nat keepalive 30

!

!

crypto ipsec transform-set trans2 esp-des esp-md5-hmac

 mode transport

!

!

crypto ipsec profile vpnprof

set transform-set trans2

!

!

!

!

!

!

interface Tunnel0

ip address 10.0.0.6 255.255.255.0

ip mtu 1400

ip authentication mode eigrp 1 md5

ip authentication key-chain eigrp 1 AGIKEYCHAIN

ip flow ingress

ip nhrp authentication 12345

ip nhrp map 10.0.0.1 83.xx.xx.26

ip nhrp network-id 100000

ip nhrp holdtime 300

ip nhrp nhs 10.0.0.1

delay 1000

tunnel source Dialer1

tunnel destination 83.xx.xx.26

tunnel key 100000

tunnel protection ipsec profile vpnprof

!

interface Embedded-Service-Engine0/0

no ip address

shutdown

!

interface GigabitEthernet0/0

description Outside interface talking PPPoE

bandwidth 1024

no ip address

no ip redirects

no ip unreachables

no ip proxy-arp

ip flow ingress

ip virtual-reassembly in

duplex auto

speed auto

pppoe enable group global

pppoe-client dial-pool-number 1

no cdp enable

!

interface GigabitEthernet0/1

ip address 192.168.47.1 255.255.255.0

no ip redirects

no ip unreachables

no ip proxy-arp

ip flow ingress

duplex auto

speed auto

!

interface Dialer1

description Logical ADSL Interface

bandwidth 1024

ip address negotiated

ip mtu 1400

encapsulation ppp

ip tcp adjust-mss 1452

dialer pool 1

dialer-group 1

ppp authentication chap pap callin

ppp chap hostname xxxxxx

ppp chap password 7 xxxxxxxxx

ppp pap sent-username agcfedh1 password 7 xxxxxxxx

no cdp enable

!

!

router eigrp 1

network 10.0.0.0 0.0.0.255

network 192.168.47.0

eigrp stub connected summary

!

ip forward-protocol nd

!

no ip http server

no ip http secure-server

ip flow-export version 5

!

ip route 83.xx.xx.26 255.255.255.255 Dialer1

 

 

 

 

 

182
Views
0
Helpful
0
Replies
CreatePlease to create content