I would like to be on GENEKO email list
    DMVPN technology - Advantages of using on Geneko GWR 3G/4G routers
LATEST NEWS

SCADA – PLC modbus communication

Connecting PLC in industrial environment with SCADA systems using Software Defined Wide Area Networks (SD-WAN), GWG 3G/4G Gateway and mobile technologies. In this project, we used SIM cards from one of the global mobile providers with coverage in many countries and its SD-WAN solution based on the cloud because it is easy to deploy and user friendly with a high level of automation.

Read more
Geneko Remote Access solutions

In a situation caused by extraordinary circumstances, it is necessary to ensure continuity of business and provision of services. In such situation, it is very important to provide your employees with safe and efficient way to work remotely from home and access company resources.

Read more

 

GWRI-Fast-Industrial-Cellular-Router-Series

 

DMVPN technology - Advantages of using on Geneko GWR 3G/4G routers

DMVPN

GWR XS & GWR-I ROUTERS

What is DMVPN?
 
Very useful, flexible and scalable tunneling technology. DMVPN is the preferred solution for organizations requiring encrypted WAN connectivity between remote sites. In other words, DMVPN provides easy way to connect number of different sites/locations into one protected VPN with encrypted traffic.

 

Why DMVPN?
 
  • On-demand full mesh connectivity with simple hub-and-spoke configuration
  • Automatic IP Security (IPsec) triggering for building an IPsec tunnel
  • Minimum deployment for adding/removing remote sites
  • Reduced latency and multicast support
  • Possible to deploy routing protocols over DMVPN
DMVPN provides protected connection DMVPN provides protected connection
 
 
DMVPN can be deployed in two ways:
 
1. Hub-and-spoke deployment model: In this traditional topology, remote sites (spokes) are aggregated into a head end VPN device at the corporate headquarters (hub). Traffic from any remote site to other remote sites would need to pass through the hub device. DMVPN supports dynamic routing and IP Multicast while significantly reducing the configuration effort.
DMVPN Hub and Spoke DMVPN hub and spoke
2. Spoke-to-spoke deployment model: DMVPN allows the creation of a full-mesh VPN, in which traditional hub-and-spoke connectivity is supplemented by dynamically created IPsec tunnels directly between the spokes. With direct spoke-to-spoke tunnels, traffic between remote sites does not need to traverse the hub; this eliminates additional delays and conserves WAN bandwidth.
DMVPN Full Mesh DMVPN full mesh
 
 
Medium-sized and large enterprises
 
In industries such as M2M and IoT, finance, insurance, or retail, numerous sites are typically connected to the corporate headquarters and servers. Critical applications such as bank ATMs, point of sale (POS) machines or PLC electronic devices are deployed over these connections. DMVPN allows these sites to connect over the Internet or Mobile private APN, providing privacy and data integrity while meeting the performance requirements of business-critical applications. First example could be connecting ATM machines to bank headquarters.
DMVPN hub and spoke connecting of ATM machines DMVPN hub and spoke connecting of ATM machines
 
Second typical application is in M2M industry with SCADA to PLC connection.
 
DMVPN hub and spoke deployment for SCADA – PLC communication DMVPN hub and spoke deployment for SCADA – PLC communication
 
Enterprise extranet
 
Large enterprises frequently require connectivity to many business partners. DMVPN can be used to secure traffic between the enterprise and various partner sites, providing network segregation by helping to ensure that no spoke-to-spoke traffic is allowed, even through the hub. Good example can be Petroleum Company which connects different partners petrol stations, oil platforms, refineries, plants, monitoring systems... into one network (figure 6).
DMVPN full mesh deployment in petrol industry DMVPN full mesh deployment in petrol industry
 
With all these in mind it is very easy to deploy SCADA – PLC communication. SCADA software can be installed on SSL clients and PLC could be connected on GWG LAN or serial RS232 and RS485 ports (both TCP/IP and serial RTU modbus protocols are supported).
 
Enterprise WAN connectivity backup
 
DMVPN can be used as a backup connection for MPLS circuit. In this case primary connection is via MPLS and DMVPN over Internet is hot-standby backup. In case that MPLS goes down, DMVPN will handover traffic immediately. Because DMVPN uses relatively cheap internet connections this is optimal solution to build reliable connection between branch sites and headquarters. Good example can be connecting ATM machines to bank headquarters.
DMVPN can be used as a backup connection for MPLS DMVPN can be used as a backup connection for MPLS
 
 
Geneko DMVPN implementation
 
Geneko DMVPN solution is Linux based and implemented on GWR 3G/4G series of routers. It is very convenient, practical, easy to deploy and relatively cheap solution. For smaller networks Geneko routers can easily play both hub and spoke roles.
 
However, in medium and large enterprises Geneko routers could be much better placed on remote/spoke sites. That is practical and cheap solution to connect remote sites with hub location. Typical solution will be to use big CISCO routers on hub and Geneko GWR 3G/4G routers on remote/spoke sites.
 
Geneko DMVPN Advantages
 
  • Easy to configure via web interface
  • Minimum deployment for adding/removing remote sites
  • Possible to deploy static and dynamic routing on DMVPN tunnel
  • Reduced latency and multicast support
  • Pre shared key and certificate based authentication
  • Possible to use hostnames with DDNS
  • Interoperability with CISCO in building DMVPN infrastructure
  • Variety of WAN technologies: Ethernet, Wi-Fi, Mobile (Dual SIM) and ADSL
 

 

 

Copyright © Geneko 2024 | website by Urban dizajn