Hi
as DMVPN, (NHRP/GRE) is configurable on SarOS devices (however, the operation guide does not describe it), I assume, the new generation of Digi OS will support it as well.
On the other hand, what solution would you recommend to use int case of TX54 spoke nad cisco ASR HUB constellation to minimize configuration.
I assume dVTI/IPsec on cisco or DMVPN/NHRP.
Any use-case, best practice?
This would be an 2000+ Digi/spoke dual active LTE WAN design.
Thanks,
gyula
Unfortunately, DMVPN protocol is not supported on DAL devices at the moment.
Hi
thanks for your response.
I hoped the NHRP is part of the DAL as well, regardless, if it is mentioned or not in the user’s guide.
On the other hand, what solution would you suggest for mass deployment of Digi routers, with encrypted connectivity to a HUB site, where the HUB device does not require individual configuration for each remote Digi router?
Traditional site2site IPsec needs a unique config for each Spoke on the HUB. This is what I try to avoid. I would like to create a general HUB config that could scale up to 1000+ Spoke Digi router without the individual configs for each Spoke on the HUB routers.
DMVPN (GRE/NHRP) is a great solution for this. My second guess is to use dVTI on the HUB side (Cisco ASR).
Also, cert based authentication with IKEv2 is a mandatory requirement.
Any suggestion for this?
Kind regards,
Gyula