PROJECT FOR USING CISCO DMVPN: enabling the chance to use a proper vpn module
Juodikis, Tautvydas (2025)
2025
All rights reserved. This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:amk-2025060319782
https://urn.fi/URN:NBN:fi:amk-2025060319782
Tiivistelmä
Organizations operating across multiple locations require secure, efficient, and scalable communication over public networks. With the increasing adoption of remote work and cloud-based services, reliance on VPNs has grown substantially. However, many companies still rely on outdated protocols such as PPTP and frequently fail to implement essential security measures, including the replacement of default device credentials. These shortcomings continue to expose networks to growing cybersecurity threats and the potential for data loss.
The primary objective of this thesis was to implement a secure Dynamic Multipoint Virtual Private Network (DMVPN) solution using Cisco technologies. The implementation focused on deploying DMVPN with the support of GNS3 for network simulation and Zabbix for real-time performance monitoring. These tools enabled the design, validation, and observation of a scalable VPN framework within a virtualized environment, prior to physical deployment.
The study included an analysis of various VPN protocols, assessing their advantages and limitations in terms of security, performance, and scalability. DMVPN was selected for its ability to dynamically establish encrypted tunnels while minimizing manual configuration complexity. The study also addressed hardware compatibility concerns and highlighted the suitability of Cisco routers due to their native support for core technologies such as IPsec, multipoint GRE (mGRE), and Next Hop Resolution Protocol (NHRP).
The key outcome was a fully operational DMVPN simulation that demonstrated secure and scalable site-to-site communication. The results demonstrate the significance of proper VPN configuration and the use of modern protocols in ensuring network resilience. This thesis offers practical guidance for organizations seeking to strengthen their network infrastructure through adaptable and secure VPN technologies.
The primary objective of this thesis was to implement a secure Dynamic Multipoint Virtual Private Network (DMVPN) solution using Cisco technologies. The implementation focused on deploying DMVPN with the support of GNS3 for network simulation and Zabbix for real-time performance monitoring. These tools enabled the design, validation, and observation of a scalable VPN framework within a virtualized environment, prior to physical deployment.
The study included an analysis of various VPN protocols, assessing their advantages and limitations in terms of security, performance, and scalability. DMVPN was selected for its ability to dynamically establish encrypted tunnels while minimizing manual configuration complexity. The study also addressed hardware compatibility concerns and highlighted the suitability of Cisco routers due to their native support for core technologies such as IPsec, multipoint GRE (mGRE), and Next Hop Resolution Protocol (NHRP).
The key outcome was a fully operational DMVPN simulation that demonstrated secure and scalable site-to-site communication. The results demonstrate the significance of proper VPN configuration and the use of modern protocols in ensuring network resilience. This thesis offers practical guidance for organizations seeking to strengthen their network infrastructure through adaptable and secure VPN technologies.