******************************
Remote Location
******************************
interface Tunnel10
description Remote Location
bandwidth 1500
ip address 172.22.10.9 255.255.255.0
no ip redirects
ip mtu 1400
ip nhrp authentication key10
ip nhrp map multicast dynamic
ip nhrp map 172.22.10.1 10.1.1.2
ip nhrp map multicast 10.1.1.2
ip nhrp network-id 10
ip nhrp holdtime 360
ip nhrp nhs 172.22.10.1
ip nhrp registration timeout 30
ip nhrp shortcut
ip nhrp redirect
qos pre-classify
tunnel source fa0/0
tunnel mode gre multipoint
tunnel key 10
tunnel protection ipsec profile SKYLAB_DMVPN shared
end
*******************************
interface Tunnel11
description Remote Location
bandwidth 1500
ip vrf forwarding NON-CRITICAL
ip address 172.22.11.8 255.255.255.0
no ip redirects
ip mtu 1400
ip hello-interval eigrp 25 20
ip hold-time eigrp 25 60
ip nhrp authentication key11
ip nhrp map multicast dynamic
ip nhrp map 172.22.11.1 10.1.1.2
ip nhrp map multicast 10.1.1.2
ip nhrp network-id 11
ip nhrp holdtime 360
ip nhrp nhs 172.22.11.1
ip nhrp registration timeout 30
ip nhrp shortcut
ip nhrp redirect
qos pre-classify
tunnel source fa0/0
tunnel mode gre multipoint
tunnel key 11
tunnel protection ipsec profile SKYLAB_DMVPN shared
end
*******************************
crypto keyring key-DMVPN
pre-shared-key address 0.0.0.0 0.0.0.0 key cisco123
!
crypto isakmp policy 1
encr 3des
authentication pre-share
group 2
lifetime 28800
crypto isakmp invalid-spi-recovery
crypto isakmp keepalive 10 periodic
!
!
crypto ipsec transform-set set-DMVPN esp-3des esp-sha-hmac
mode transport
!
crypto ipsec profile SKYLAB_DMVPN
set transform-set set-DMVPN
*******************************
router eigrp 100
Network 172.22.11.93 0.0.0.0
Network 172.22.10.9 0.0.0.255
Network 172.22.11.8 0.0.0.255
Network 172.22.13.54 0.0.0.0
*******************************
interface Tunnel10
description HUB Location Data Center
bandwidth 20000
ip vrf forwarding CRITICAL
ip address 172.22.10.1 255.255.255.0
no ip redirects
ip mtu 1400
ip nhrp authentication key10
ip nhrp map multicast dynamic
ip nhrp network-id 10
ip nhrp holdtime 360
ip virtual-reassembly in
ip tcp adjust-mss 1300
qos pre-classify
keepalive 10 3
tunnel source fa0/0
tunnel mode gre multipoint
tunnel key 10
tunnel vrf INTERNET
tunnel protection ipsec profile SKYLAB_DMVPN shared
end
*******************************
interface Tunnel11
description HUB Location Data Center
bandwidth 20000
ip vrf forwarding NON-CRITICAL
ip address 172.22.11.1 255.255.255.0
no ip redirects
ip mtu 1400
ip hold-time eigrp 100 35
no ip next-hop-self eigrp 100
no ip split-horizon eigrp 100
ip nat inside
ip nhrp authentication key11
ip nhrp map multicast dynamic
ip nhrp map multicast 10.1.1.2
ip nhrp map 172.22.11.2 10.1.1.2
ip nhrp network-id 11
ip nhrp holdtime 360
ip nhrp shortcut
ip nhrp redirect
ip virtual-reassembly in
ip tcp adjust-mss 1300
qos pre-classify
keepalive 10 3
tunnel source fa0/0
tunnel mode gre multipoint
tunnel key 11
tunnel protection ipsec profile SKYLAB_DMVPN shared
end
*******************************
Show Command for Troublehsooting
*******************************
show Dmvpn Detail
show crypto isakmp sa
show ip nhrp nhs detail
show crypto ipsec security-assoc lifetime
show crypto isakmp policy
show crypto ipsec sa
show crypto ipsec sa
