Scribd
Upload
15 views5 pages

DMVPN Configuration with OSPF & EIGRP

Uploaded by

Agung Prasetio
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
15 views5 pages

DMVPN Configuration with OSPF & EIGRP

Uploaded by

Agung Prasetio
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd

======================================================

IP Sec DMVPN FASE 1 Whit OSPF

======================================================
Note:
Settiap routing EIGRP matikan split-horizon kita
matikan pada semua router

#no ip split-horizon eigrp 12

======
R1 HUB
======

interface Loopback0
ip address 1.1.1.1 255.255.255.255
interface Tunnel0
ip address 192.168.10.1 255.255.255.0
ip nhrp authentication IDN
ip nhrp network-id 1
ip ospf network broadcast
tunnel source 12.12.12.1
tunnel mode gre multipoint
tunnel protection ipsec profile IDN-Profile

interface Ethernet0/0
ip address 12.12.12.1 255.255.255.0
no sh

interface Loopback0
ip address 1.1.1.1 255.255.255.255

router ospf 12
network 1.1.1.1 0.0.0.0 area 0
network 192.168.10.0 0.0.0.255 area 0
ip route 0.0.0.0 0.0.0.0 12.12.12.2

crypto isakmp policy 10


encr aes 128
hash sha
authentication pre-share
group 5

crypto isakmp key IDN-MANTAB address 23.23.23.3


crypto isakmp key IDN-MANTAB address 24.24.24.4

crypto ipsec transform-set IDNTransform esp-aes esp-sha-hmac


mode transport
exit
crypto ipsec profile IDN-Profile
set transform-set IDNTransform

int tun0
tunnel protect ipsec profile IDN-Profile

=========================================
======
R2 ISP
======

interface Ethernet0/0
ip address 12.12.12.2 255.255.255.0
no sh
interface Ethernet0/1
ip address 23.23.23.2 255.255.255.0
no sh
interface Ethernet0/2
ip address 24.24.24.2 255.255.255.0
no sh

========================================

=========
R3 Skop 1
=========
interface Loopback0
ip address 2.2.2.2 255.255.255.255
interface Tunnel0
ip address 192.168.10.2 255.255.255.0
ip nhrp authentication IDN
ip nhrp map 192.168.10.1 12.12.12.1
ip nhrp network-id 1
ip nhrp nhs 192.168.10.1
ip ospf network broadcast
tunnel source 23.23.23.3
tunnel destination 12.12.12.1
tunnel protection ipsec profile IDN-Profile
interface Ethernet0/0
ip address 23.23.23.3 255.255.255.0
no sh
router ospf 13
network 2.2.2.2 0.0.0.0 area 0
network 192.168.10.0 0.0.0.255 area 0
ip route 0.0.0.0 0.0.0.0 23.23.23.2

crypto isakmp policy 10


encr aes 128
hash sha
authentication pre-share
group 5

crypto isakmp key IDN-MANTAB address 12.12.12.1

crypto ipsec transform-set IDNTransform esp-aes esp-sha-hmac


mode transport
exit
crypto ipsec profile IDN-Profile
set transform-set IDNTransform

int tun0
tunnel protect ipsec profile IDN-Profile

==========================================
=========
R4 Skop 2
=========

interface Loopback0
ip address 3.3.3.3 255.255.255.255
interface Tunnel0
ip address 192.168.10.3 255.255.255.0
ip nhrp authentication IDN
ip nhrp map 192.168.10.1 12.12.12.1
ip nhrp network-id 1
ip nhrp nhs 192.168.10.1
ip ospf network broadcast
tunnel source 24.24.24.4
tunnel destination 12.12.12.1
tunnel protection ipsec profile IDN-Profile
interface Ethernet0/0
ip address 24.24.24.4 255.255.255.0
no sh

router ospf 14
network 3.3.3.3 0.0.0.0 area 0
network 192.168.10.0 0.0.0.255 area 0
ip route 0.0.0.0 0.0.0.0 24.24.24.2

crypto isakmp policy 10


encr aes 128
hash sha
authentication pre-share
group 5

crypto isakmp key IDN-MANTAB address 12.12.12.1

crypto ipsec transform-set IDNTransform esp-aes esp-sha-hmac


mode transport
exit
crypto ipsec profile IDN-Profile
set transform-set IDNTransform

int tun0
tunnel protect ipsec profile IDN-Profile

===================================================================

DMVPN Fase 2 Whit OSPF & EIGRP

===================================================================

=====
R-HUB
=====

interface Tunnel0
ip address 192.168.10.1 255.255.255.0
ip nhrp authentication IDN
ip nhrp network-id 1
tunnel source 12.12.12.1
tunnel mode gre multipoint
ip nhrp map multicast dynamic

router eigrp 12
network 1.1.1.1 0.0.0.0
network 192.168.10.1 0.0.0.0
no auto-summary

int tun0
no ip split-horizon eigrp 12

=========
R-Spoke 1
=========
interface Tunnel0
ip address 192.168.10.1 255.255.255.0
ip nhrp authentication IDN
ip nhrp map 192.168.10.1 12.12.12.1
ip nhrp network-id 1
ip nhrp nhs 192.168.10.1
tunnel source 23.23.23.3
tunnel mode gre multipoint

router eigrp 12
network 1.1.1.1 0.0.0.0
network 192.168.10.2 0.0.0.0
no auto-summary

int tun0
no ip split-horizon eigrp 12

=========
R-Spoke 2
=========
interface Tunnel0
ip address 192.168.10.3 255.255.255.0
ip nhrp authentication IDN
ip nhrp map 192.168.10.1 12.12.12.1
ip nhrp network-id 1
ip nhrp nhs 192.168.10.1
tunnel source 24.24.24.4
tunnel mode gre multipoint

router eigrp 12
network 1.1.1.1 0.0.0.0
network 192.168.10.3 0.0.0.0
no auto-summary

int tun0
no ip split-horizon eigrp 12

Note: OSPF Hanya berbeda pada pengaktifan mode Broadcast


karena default Interface Tunnel adalah Point to point
#int tun0
#ip ospf network broadcast

===================================================================

DMVPN Fase 3 Whit OSPF & EIGRP


===================================================================
Pasa Fase 3 tidak terdapat perubahan yang banyak kita hanya
perlu mendambahkan (ip nhrp redirect)

=====
R-HUB
=====

int tun0
ip nhrp redirect

R-Spoke1 & 2
int tun0
ip nhrp shorcut

Note: Pada Spoke kita bisa melakukan konfigurasi Shorcut saja,


tetapi bisa juga kita bikin mode redirect

=======
OSPF & EIGRP sama seperti sebelumnya

==========================
Summarization DMVPN Fase 3
==========================
R-Spoke1
========
int lo1
ip address 192.168.1.1 255.255.255.255

router eigrp 12
network 192.168.10.2 0.0.0.0
network 192.168.1.1 0.0.0.0
no auto-summary

========
R-Spoke2
========

router eigrp 12
network 192.168.10.3 0.0.0.0
network 192.168.2.1 0.0.0.0
no auto-summary

=====
R-HUB
=====
int lo1
ip address 192.168.111.1 255.255.255.255

router eigrp 12
network 192.168.10.1 0.0.0.0
network 1.1.1.1 0.0.0.0
no auto-summary
int tun0
ip summary-address eigrp 12 192.168.0.0/16

You might also like