Need Advice: DMVPN vs IPSec GRE

mistabrumley89mistabrumley89 Member Posts: 356 ■■■□□□□□□□
Can anyone provide a little advice?

Pros vs. Cons

Limitations to DMVPN vs. IPSec GRE

Possible implications with a rollover (Not including hardware/ios)

How to minimize downtime of remote sites?

I've been tasked with creating a proposal since I got the bright idea of wanting to change stuff that isn't broken -.-
Goals: WGU BS: IT-Sec (DONE) | CCIE Written: In Progress


  • networker050184networker050184 Mod Posts: 11,962 Mod
    I'd be proposing MPLS over both personally.
    An expert is a man who has made all the mistakes which can be made.
  • HondabuffHondabuff Member Posts: 667 ■■■□□□□□□□
    DMVPN using IPsec and Virtual Tunnels and utilizing the IP unnumbered command. Best of IPsec protocols and ease of doing a VTI tunnel. Bring up a separate VPN hub, we use ASR1000's and bring up the VTI on the new spoke then drop the old tunnel. Virtually seamless in the transition. I'm currently doing a project on converting 1400 tunnels using a VTI to our one firewall and building 2 more VTI's to our new Firewall and to our DR site using IKEv2.
    “The problem with quotes on the Internet is that you can’t always be sure of their authenticity.” ~Abraham Lincoln
Sign In or Register to comment.