======================================================

IP Sec DMVPN FASE 1 Whit OSPF

======================================================
Note:
Settiap routing EIGRP matikan split-horizon kita
matikan pada semua router

#no ip split-horizon eigrp 12

======
R1 HUB
======

interface Loopback0
ip address 1.1.1.1 255.255.255.255
interface Tunnel0
ip address 192.168.10.1 255.255.255.0
ip nhrp authentication IDN
ip nhrp network-id 1
ip ospf network broadcast
tunnel source 12.12.12.1
tunnel mode gre multipoint
tunnel protection ipsec profile IDN-Profile

interface Ethernet0/0
ip address 12.12.12.1 255.255.255.0
no sh

interface Loopback0
ip address 1.1.1.1 255.255.255.255

router ospf 12
network 1.1.1.1 0.0.0.0 area 0
network 192.168.10.0 0.0.0.255 area 0
ip route 0.0.0.0 0.0.0.0 12.12.12.2

crypto isakmp policy 10

encr aes 128
hash sha
authentication pre-share
group 5

crypto isakmp key IDN-MANTAB address 23.23.23.3

crypto isakmp key IDN-MANTAB address 24.24.24.4

crypto ipsec transform-set IDNTransform esp-aes esp-sha-hmac

mode transport
exit
crypto ipsec profile IDN-Profile
set transform-set IDNTransform

int tun0
tunnel protect ipsec profile IDN-Profile

=========================================
======
R2 ISP
======

interface Ethernet0/0
ip address 12.12.12.2 255.255.255.0
no sh
interface Ethernet0/1
ip address 23.23.23.2 255.255.255.0
no sh
interface Ethernet0/2
ip address 24.24.24.2 255.255.255.0
no sh

========================================

=========
R3 Skop 1
=========
interface Loopback0
ip address 2.2.2.2 255.255.255.255
interface Tunnel0
ip address 192.168.10.2 255.255.255.0
ip nhrp authentication IDN
ip nhrp map 192.168.10.1 12.12.12.1
ip nhrp network-id 1
ip nhrp nhs 192.168.10.1
ip ospf network broadcast
tunnel source 23.23.23.3
tunnel destination 12.12.12.1
tunnel protection ipsec profile IDN-Profile
interface Ethernet0/0
ip address 23.23.23.3 255.255.255.0
no sh
router ospf 13
network 2.2.2.2 0.0.0.0 area 0
network 192.168.10.0 0.0.0.255 area 0
ip route 0.0.0.0 0.0.0.0 23.23.23.2

crypto isakmp policy 10

encr aes 128
hash sha
authentication pre-share
group 5

crypto isakmp key IDN-MANTAB address 12.12.12.1

crypto ipsec transform-set IDNTransform esp-aes esp-sha-hmac

mode transport
exit
crypto ipsec profile IDN-Profile
set transform-set IDNTransform

int tun0
tunnel protect ipsec profile IDN-Profile

==========================================
=========
R4 Skop 2
=========

interface Loopback0
ip address 3.3.3.3 255.255.255.255
interface Tunnel0
ip address 192.168.10.3 255.255.255.0
ip nhrp authentication IDN
ip nhrp map 192.168.10.1 12.12.12.1
ip nhrp network-id 1
ip nhrp nhs 192.168.10.1
ip ospf network broadcast
tunnel source 24.24.24.4
tunnel destination 12.12.12.1
tunnel protection ipsec profile IDN-Profile
interface Ethernet0/0
ip address 24.24.24.4 255.255.255.0
no sh

router ospf 14
network 3.3.3.3 0.0.0.0 area 0
network 192.168.10.0 0.0.0.255 area 0
ip route 0.0.0.0 0.0.0.0 24.24.24.2

crypto isakmp policy 10

encr aes 128
hash sha
authentication pre-share
group 5

crypto isakmp key IDN-MANTAB address 12.12.12.1

crypto ipsec transform-set IDNTransform esp-aes esp-sha-hmac

mode transport
exit
crypto ipsec profile IDN-Profile
set transform-set IDNTransform

int tun0
tunnel protect ipsec profile IDN-Profile

===================================================================

DMVPN Fase 2 Whit OSPF & EIGRP

===================================================================

=====
R-HUB
=====

interface Tunnel0
ip address 192.168.10.1 255.255.255.0
ip nhrp authentication IDN
ip nhrp network-id 1
tunnel source 12.12.12.1
 tunnel mode gre multipoint
ip nhrp map multicast dynamic

router eigrp 12
network 1.1.1.1 0.0.0.0
network 192.168.10.1 0.0.0.0
no auto-summary

int tun0
no ip split-horizon eigrp 12

=========
R-Spoke 1
=========
interface Tunnel0
ip address 192.168.10.1 255.255.255.0
ip nhrp authentication IDN
ip nhrp map 192.168.10.1 12.12.12.1
ip nhrp network-id 1
ip nhrp nhs 192.168.10.1
tunnel source 23.23.23.3
tunnel mode gre multipoint

router eigrp 12
network 1.1.1.1 0.0.0.0
network 192.168.10.2 0.0.0.0
no auto-summary

int tun0
no ip split-horizon eigrp 12

=========
R-Spoke 2
=========
interface Tunnel0
ip address 192.168.10.3 255.255.255.0
ip nhrp authentication IDN
ip nhrp map 192.168.10.1 12.12.12.1
ip nhrp network-id 1
ip nhrp nhs 192.168.10.1
tunnel source 24.24.24.4
tunnel mode gre multipoint

router eigrp 12
network 1.1.1.1 0.0.0.0
network 192.168.10.3 0.0.0.0
no auto-summary

int tun0
no ip split-horizon eigrp 12

Note: OSPF Hanya berbeda pada pengaktifan mode Broadcast

karena default Interface Tunnel adalah Point to point
#int tun0
#ip ospf network broadcast

===================================================================

DMVPN Fase 3 Whit OSPF & EIGRP

===================================================================
Pasa Fase 3 tidak terdapat perubahan yang banyak kita hanya
perlu mendambahkan (ip nhrp redirect)

=====
R-HUB
=====

int tun0
ip nhrp redirect

R-Spoke1 & 2
int tun0
ip nhrp shorcut

Note: Pada Spoke kita bisa melakukan konfigurasi Shorcut saja,

tetapi bisa juga kita bikin mode redirect

=======
OSPF & EIGRP sama seperti sebelumnya

==========================
Summarization DMVPN Fase 3
==========================
R-Spoke1
========
int lo1
ip address 192.168.1.1 255.255.255.255

router eigrp 12
network 192.168.10.2 0.0.0.0
network 192.168.1.1 0.0.0.0
no auto-summary

========
R-Spoke2
========

router eigrp 12
network 192.168.10.3 0.0.0.0
network 192.168.2.1 0.0.0.0
no auto-summary

=====
R-HUB
=====
int lo1
ip address 192.168.111.1 255.255.255.255

router eigrp 12
network 192.168.10.1 0.0.0.0
network 1.1.1.1 0.0.0.0
no auto-summary
int tun0
ip summary-address eigrp 12 192.168.0.0/16