Chapter15 DMVPN
Dynamic Multipoint VPN
15-2
Cisco Router and Security Device Manager 2.5 User’s Guide
OL-4015-12
It is important to configure the hub first because spokes must be configured using
information about the hub. If you are configuring a hub, you can use the
SpokeConfiguration feature available in the Summary window to generate a
procedure that you can send to spoke administrators so that they can c onfigure the
spokes with the correct hub information. If you are configuring a spoke, you m ust
obtain the correct information about the hub befo re you begin.

Create a spoke (client) in Dynamic Multipoint VPN

Select if your router is a spoke in the DMVPN network. Spokes are the logical
endpoints in the network. Before starting configuration, you should ping the hub
to be sure you have connectivity to it, and have all the necessary information about
the hub configuration that you need. This information is listed in Dynamic
Multipoint VPN (DMVPN) Spoke Wizard.

Create a hub (server or head-end) in Dynamic Multipoint VPN

Select if your router is a hub in the DMVPN network. The hub is the logical center
point in a DMVPN network, and is connected to each spoke router via a
point-to-point IPSec connection. The hub can route IPSec traffic between the
spoke routers in the network.
Dynamic Multipoint VPN (DMVPN) Hub Wizard
This wizard will help you configure your router as a DMVPN hub. The hub sh ould
be configured before the spokes so that you can provide the spoke administrator s
with the information they need to configure their spoke routers.
The application window explains what you will be configuring. After you have
finished, you will need to provide spoke administrators with the following
information about the hub:
The IP address of the hub router’s physical interface.
The IP address of the hub’s mGRE tunnel interface.
The dynamic routing protocol to use to send routing updates to the DMVPN,
and the autonomous system (AS) number (for EIGRP), or pro cess ID (for
OSPF) that should be used.