CCIE Security -- DMVPN Phase 1

Notes

Hub

crypto isakmp key 0 cisco address 8.7.6.0 255.255.255.0
!
crypto isakmp policy 100
  encryption aes 256
  hash sha
  authentication pre-share
!
crypto ipsec transform-set AES256_SHA esp-aes 256 esp-sha-hmac
  mode transport
!
crypto ipsec profile DMVPN
  set transform-set AES256_SHA
!
interface serial0/0
  ip address 8.7.6.100 255.255.255.0
!
interface Tunnel100
  ip address 172.16.1.100 255.255.255.0
  ip nhrp map multicast dynamic
  ip nhrp network-id 1
  tunnel source Serial0/0
  tunnel mode gre multipoint
  tunnel key 1
  tunnel protection ipsec profile DMVPN
  no ip split-horizon eigrp 100
  no ip next-hop-self eigrp 100
!
router eigrp 100
  network 172.16.1.100 0.0.0.0
  no auto-summary
!

Spoke

crypto isakmp key 0 cisco address 8.7.6.1
!
crypto isakmp policy 100
  encryption aes 256
  hash sha
  authentication pre-share
!
crypto ipsec transform-set AES256_SHA esp-aes 256 esp-sha-hmac
  mode transport
!
crypto ipsec profile DMVPN
  set transform-set AES256_SHA
!
interface Serial0/0
  ip address 8.7.6.50 255.255.255.0
!
interface Tunnel100
  ip address 172.16.1.50 255.255.255.0
  ip nhrp map multicast 8.7.6.100
  ip nhrp map 172.16.1.100 8.7.6.100
  ip nhrp server 172.16.1.100
  ip nhrp network-id 1
  tunnel source Serial0/0
  tunnel destination 8.7.6.100
  tunnel key 1
  tunnel protection ipsec profile DMVPN
!
router eigrp 100
  network 172.16.1.50 0.0.0.0
  no auto-summary
!