Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
481
Views
0
Helpful
3
Replies

multisite vpn with Rip

Joli Martinez
Level 1
Level 1

‎07-23-2012 10:46 AM - edited ‎03-04-2019 05:03 PM

I have several IPsec vpn tunnels to the main site.  The remote locations are using 871 routers and the main site is using an ASA 5510.  I am using the tunnels for both voice and data.  I would like to implement Rip or some type of dynamic routing between them.  but according to what I have found using IPsec it is not possible.

Is this true and if so what are my options. 

Labels:
0 Helpful
3 Replies 3

subramaniyakarthic
Level 1
Level 1

‎07-23-2012 12:31 PM

If you are looking for spoke-spoke connectivity DMVPN would be the best option where routing protocols can be employed for dynamic routing. However, DMVPN used when there are a quite a lot of sites requiring inter-site connectivity.

If you want dynamic routing to be used across sites your options are GRE tunnels and DMVPN. Else, if you have few sites that have to be connected, static routes can do the job for you.

-Karthic

0 Helpful

Joli Martinez
Level 1
Level 1
In response to subramaniyakarthic

‎07-23-2012 12:42 PM

Right now they have static routes, but a couple of days ago one site went down and it was a mission to change all the routes temporary and then put them back when the site came back.  so im looking for a permanent solution.

0 Helpful

Giuseppe Larosa
Hall of Fame
Hall of Fame
In response to Joli Martinez

‎07-23-2012 01:00 PM

Hello Joli,

to support GRE over IPSec or DMVPN ( that is MGRE over IPSec) you would need an IOS router at central site instead of the ASA.

As far as I know ASA doesn't support GRE over IPSec.

With GRE or mGRE you can deploy a routing protocol.

see

http://www.cisco.com/en/US/docs/solutions/Enterprise/WAN_and_MAN/DMVPDG.html

http://www.cisco.com/en/US/docs/solutions/Enterprise/WAN_and_MAN/P2P_GRE_IPSec/P2P_GRE.html

DMVPN is to be preferred if the number of sites is high as it allows to make hub configuration indipendent of the number of spokes.

Hope to help

Giuseppe

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card