From f6e5ef39a8945c39ffc73810ef428e104c3a8f4e Mon Sep 17 00:00:00 2001 From: srividya0208 Date: Thu, 15 Jul 2021 10:47:31 -0400 Subject: Fixed grammatical errors --- docs/configuration/vpn/dmvpn.rst | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) (limited to 'docs/configuration/vpn/dmvpn.rst') diff --git a/docs/configuration/vpn/dmvpn.rst b/docs/configuration/vpn/dmvpn.rst index e6487292..66587b17 100644 --- a/docs/configuration/vpn/dmvpn.rst +++ b/docs/configuration/vpn/dmvpn.rst @@ -1,3 +1,5 @@ +:lastproofread: 2020-07-15 + .. _vpn-dmvpn: DMVPN @@ -7,7 +9,7 @@ DMVPN DMVPN is a dynamic VPN technology originally developed by Cisco. While their implementation was somewhat proprietary, the underlying technologies are -actually standards based. The three technologies are: +actually standard based. The three technologies are: * **NHRP** - NBMA Next Hop Resolution Protocol RFC2332_ * **mGRE** - Multipoint Generic Routing Encapsulation / mGRE RFC1702_ @@ -34,9 +36,11 @@ Baseline Configuration: #. Create nhrp (`protocols nhrp`) #. Create ipsec vpn (optional, but recommended for security) (`vpn ipsec`) -The tunnel will be set to mGRE if for encapsulation `gre` is set, and no +The tunnel will be set to mGRE if `gre` is set for encapsulation, and no `remote-ip` is set. If the public ip is provided by DHCP the tunnel `local-ip` -can be set to "0.0.0.0". If you do set the `remote-ip` directive at any point, the interface will need to be `delete`'d from the config and recreated without the `remote-ip` config ever being set. +can be set to "0.0.0.0". If you do set the `remote-ip` directive at any point, +the interface will need to be `deleted` from the config and recreated without +the `remote-ip` config ever being set. .. figure:: /_static/images/vpn_dmvpn_topology01.png :scale: 40 % @@ -164,7 +168,12 @@ HUB Example Configuration: HUB on AWS Configuration Specifics ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -Setting this up on AWS will require a "Custom Protocol Rule" for protocol number "47" (GRE) Allow Rule in TWO places. Firstly on the VPC Network ACL, and secondly on the security group network ACL attached to the EC2 instance. This has been tested as working for the offical AMI image on the AWS Marketplace. (Locate the correct VPC and security group by navigating through the details pane below your EC2 instance in the AWS console) +Setting this up on AWS will require a "Custom Protocol Rule" for protocol +number "47" (GRE) Allow Rule in TWO places. Firstly on the VPC Network ACL, and +secondly on the security group network ACL attached to the EC2 instance. This +has been tested as working for the offical AMI image on the AWS Marketplace. +(Locate the correct VPC and security group by navigating through the details +pane below your EC2 instance in the AWS console) SPOKE Configuration ^^^^^^^^^^^^^^^^^^^ -- cgit v1.2.3