We have a Cisco 851 as Easy VPN Server and two Cisco 851 Easy Remote. VPN works between Easy VPN Remote and Easy VPN Server. Is it possible this configuration to work as hub-spoke? Can user behind one 851 Easy VPN Remote "speak" (ping etc..) to another 851 Easy VPN Remote through Easy VPN Server?
Yes, you can configure to work a hub-spoke. In a hub-and-spoke VPN topology, multiple remote devices (spokes) communicate securely with a central device (hub). A separate, secured tunnel extends between the hub and each individual spoke.
If you need "remote" to "remote" communication, you have 2 choice.
1. Enable EZVPN with VTI. (Support in 12.4T) It allows dynamic routing (because VTI support GRE and Multicast) between each remote site. However, all communication between "spokes" is over "hub "routers.
2. Enable DMVPN, remote routers will dynamically issue Nhrp request to hub routers to resolve another remote site WAN IP address for IPSEC tunnel establishment. All payload traffic communication between "spokes" are directly run between "spokes". It reduce overhead on hub routers.
In generally, I prepare you choose "DMVPN" unless security reason.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :