Hi all, recently I have the opportunity to work with a client that needed a way to get from their branches to their HO securely but without knowing the IPs of the branches. This was complicated by the fact that the branches were using DHCP IPs for their Internet connections at the branches. The HO end-points didn’t have a static way of identifying the branches. This is where DMVPN works well.
The DMVPN technology gives you a method of connecting unknown end-points to the HO VPN end-points securely because the branches will “dial home”. The HO will create the VPN connection, tunnel the traffic across the now encrypted link and even exchange packets for a dynamic routing protocol like EIGRP. This allows you to dynamically add and remove branches without manually creating IPSec tunnels AND the routing gets updated automatically. Quite nice
Until next time,