Has anyone actually gotten a Cisco DMVPN to work?

  • Right now, I have a Cisco 2821 Router as my main Internet Router/FW.  Not only does it do everyday FW, Routing, NAT, DHCP, VLANs, etc., but it's also a DMVPN spoke.  I want to add a pfSense FW to the network as there are some functions that it would add that the Cisco either doesn't, or I can't afford Cisco's solution.  My main concern is the DMVPN spoke and how to keep it working.

    To the best of my knowledge, there is no solution within pfSense that would allow me to remove the Cisco router and just use the pfSense FW since it doesn't support DMVPNs, so I need a way to make both of them work hand in hand.  I have checked the forums.  There are many discussions on this subject, but I have not seen any concrete solutions.

    Due to the functions I would like to add via the pfSense FW, I would like the pfSense FW to be the top side or Internet facing device while the Cisco router will be the bottom side or internal network facing device.  Not sure which mode would work best for the FW, Transparent or Routing, but much of that depends on the following question.

    Thus my primary question is simple…has anyone actually gotten a Cisco DMVPN to either terminate at a pfSense router, or pass through it to an inside Cisco router?  If so, how?

  • Anyone?

