RE: DMVPN for dynamic spokes

If you combine this with IKE Aggressive mode then you can use FQDN of each
host and make sure that each of the spokes use DDNS to update according to
their changing IP.

There are always several ways to accomplish a given scenario the question
becomes which way do you want to do it?

If you want to do what I am saying let me know and I can provide you sample
configurations.

Regards,
 
Tyson Scott - CCIE #13513 R&S, Security, and SP
Managing Partner / Sr. Instructor - IPexpert, Inc.
Mailto: tscott_at_ipexpert.com

-----Original Message-----
From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of
Radioactive Frog
Sent: Wednesday, February 02, 2011 9:47 AM
To: Ajay mehra
Cc: ccielab_at_groupstudy.com
Subject: Re: DMVPN for dynamic spokes

You have multiple options to come voer that 0.0.0.0

a) crypto isakmp key ciscoXMDMDKD
OR
b) ip nhrp authentication ciscoXXXXX

OR

above A+B both.

The best is cert....

On Wed, Feb 2, 2011 at 3:00 PM, Ajay mehra <ajaymehra01_at_gmail.com> wrote:

> Hello Experts,
>
> Is it possible to match the pre shared keys in Hub based on spokes host
> names instead of ip addresses. Spokes are using dynamic ip addressing and
> we
> are using 0.0.0.0 for the pre shared keys which is not acceptable. Using
> digital certs could be one of the possible solution but is it possible
with
> pre-shared keys?
>
> Thanks,
> Ajay
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

Blogs and organic groups at http://www.ccie.net
Received on Wed Feb 02 2011 - 12:29:58 ART