Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Building a VPN WAN simulation between 4 sites and an HQ

DKolev
New here
‎Mar 16 2023 12:47 AM
‎Mar 16 2023 12:47 AM

Building a VPN WAN simulation between 4 sites and an HQ

Hey, to keep it short, I've been given a practice exercise to build a small scale WAN simulation between an HQ and 4 branch sites secure tunneling and redundancy. SD-WAN and VPN servers are off the table, so are application based VPNs. I can only use Cisco routers and configure them manually. 1 ISP, 100Mbps. What WAN design would you recommend? Should I use MPLS or IPSec? BGP or OSPF?

Any pointers are appreciated.

0 Kudos
Subscribe
3 Replies 3
FannyLow
Here to help
‎Mar 16 2023 12:56 AM
‎Mar 16 2023 12:56 AM

MPLS will be provide you hub and spoke design with OSPF which is something like SDWAN design. However, IPSec will be point-to-point. 

 

Hope this can help. 

0 Kudos
Subscribe
In response to FannyLow
DKolev
New here
‎Mar 16 2023 1:45 AM
‎Mar 16 2023 1:45 AM

Would you say MPLS is necessary here or I can do it perfectly fine with L2TP?

0 Kudos
Subscribe
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Mar 16 2023 12:14 PM
‎Mar 16 2023 12:14 PM

This would be a better question for the Cisco Community, which deals with IOS-XE routers.

https://community.cisco.com/ 

 

If each site already has an Internet connection, I would use old-school DMVPN.

If you can install new circuits then MPLS is particularly simple.  You probably wont need any routing protocol, because the MPLS provider will do everything for you.  You would only need static routes.

 

You could also use point to point VTI tunnels over Internet connections, which uses IPSec under the hood.  I would still personally use static routes, as IMHO, dynamic routing is not warranted for such a small netwokr with no redudancy.  Otherwise I would use RIPv2 or EIGRP.  Much simpler than BGP or OSPF.

0 Kudos
Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
© 2024 Cisco Systems, Inc.