DMVPN - Encrypt Network

Hi Forum.

My Toplogy:

 <---------------(EIGRP AS202)---------------->

SPOKE1 -> 130.1.51.0 /24 -> SPOKE2 -> HUB1

I created 100.100.100.0/24 for my tunnel interfaces. So traffic to and from this network will get encrypted.I want to encrypt the 130.1.51.0 /24 network as well (learned via EIGRP process). It dosent work if I make a static route on the HUB1 that points the network to go throug tunnel interface. How can I solve this one?

 

My Config:

HUB:

!
crypto isakmp policy 1
 authentication pre-share
 hash md5
 group 2
 encryption 3des
!
crypto isakmp key CISCO address 0.0.0.0
!
crypto ipsec transform-set trans2 esp-3des esp-md5-hmac
mode transport
!
crypto ipsec profile vpnprof
 set transform-set trans2
!
interface Tunnel0
 ip address 100.100.100.1 255.255.255.0
 ip nhrp authentication CISCO
 ip nhrp map multicast dynamic
 ip nhrp network-id 99
 ip nhrp holdtime 300
 tunnel source fa0/0.17
 tunnel mode gre multipoint
 tunnel key 100000
 tunnel protection ipsec profile vpnprof
!

Spoke:

!
crypto isakmp policy 1
 authentication pre-share
 hash md5
 group 2
 encryption 3des
!
crypto isakmp key CISCO address 0.0.0.0
!
crypto ipsec transform-set trans2 esp-3des esp-md5-hmac
 mode transport
!
crypto ipsec profile vpnprof
 set transform-set trans2
!
interface Tunnel0
 ip address 100.100.100.2 255.255.255.0
 ip nhrp authentication CISCO
 ip nhrp map 100.100.100.1 130.1.76.7
 ip nhrp map multicast 130.1.76.7
 ip nhrp network-id 99
 ip nhrp nhs 100.100.100.1
 tunnel source Gi0/0.17
 tunnel mode gre multipoint
 tunnel key 100000
 tunnel protection ipsec profile vpnprof
!

Spoke:


crypto isakmp policy 1
 authentication pre-share
 hash md5
 group 2
 encryption 3des
!
crypto isakmp key CISCO address 0.0.0.0
!
crypto ipsec transform-set trans2 esp-3des esp-md5-hmac
 mode transport
!
crypto ipsec profile vpnprof
 set transform-set trans2
!
interface Tunnel0
 ip address 100.100.100.3 255.255.255.0
 ip nhrp authentication CISCO
 ip nhrp map 100.100.100.1 130.1.76.7
 ip nhrp map multicast 130.1.76.7
 ip nhrp network-id 99
 ip nhrp nhs 100.100.100.1
 tunnel source Gi0/0.17
 tunnel mode gre multipoint
 tunnel key 100000
 tunnel protection ipsec profile vpnprof
!

Comments

Sign In or Register to comment.