Free Trial

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.

  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint
Share this Page URL
Help

Part III: Test Plans > Site-to-Site IPsec Virtual Private Networking: DMVPN and...

Chapter 13. Site-to-Site IPsec Virtual Private Networking: DMVPN and GET VPN Test Plans

Site-to-site Virtual Private Networks (VPN) provide a flexible and economical method to extend network resources to branch offices, home offices, and business partner sites. In a traditional solution, each branch (“spoke”) and corporate (“hub”) site would be connected to the Internet with a dedicated circuit. This circuit could be an Ethernet, T-carrier, or a less expensive business-level broadband connection such as DSL or cable. A tunneling protocol such as GRE, L2TP, or IPsec would then be used to create a “virtual circuit” between each spoke and the hub location, over which data would be sent in either clear (GRE) or encrypted (L2TP or IPsec) format.

The major drawback of traditional IPsec VPN solutions is that they present tunnel management and scalability challenges as the number of sites and features increases in the WAN. This problem has been exasperated as newer peer-to-peer applications require direct “spoke-to-spoke” tunnels to reduce the latency associated with backhauling through a hub site. Cisco has addressed these challenges with the development of two newer IPsec VPN solutions known as Dynamic Multipoint VPN (DMVPN) and Group Encrypted Transport VPN (GET VPN).


  

You are currently reading a PREVIEW of this book.

                                                                                                                    

Get instant access to over $1 million worth of books and videos.

  

Start a Free 10-Day Trial


  
  • Safari Books Online
  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint