Designing Site-to-Site IPsec VPNs - Part 4
The legacy technologies such as leased lines or switched networks (Frame relay, ATM) have long been replaced by public Internet or MPLS. To secure the traffic between the Local Area Networks at remote sites an IPsec is an integral part of today`s solutions.
Boštjan Šustar, in his fourth article about IPsec implementation in Cisco IOS, explains the Dynamic Multipoint VPNs (DMVPN). To some degree, DMVPNs mimic the older technologies, providing for the use of proven design choices (e.g., routing), but there are important differences to consider. Although the DMVPN is a combination of three technologies (IPsec, multipoint GRE tunnels and Next-Hop Resolution Protocol [NHRP]), it is implemented in a way that includes more intelligent interaction between these technologies, providing better resilience, performance and stability. Bostjan addresses the simple implementation as well as all enhanced options of DMVPN in his article.
Read more in the attached document‹ back