Design and Implementation of a Secure DMVPN Architecture for Enterprise Networks
DOI:
https://doi.org/10.65405/3jrj8x33الكلمات المفتاحية:
DMVPN, IPsec, OSPF, Network Simulation (GNS3), Enterprise VPN, Performance Evaluationالملخص
This paper presents the design and implementation of a secure Dynamic Multipoint Virtual Private Network (DMVPN) architecture for enterprise networks with geographically distributed branches. Traditional site-to-site VPN solutions often suffer from scalability and management limitations as the number of branches increases [1], [2]. DMVPN addresses these challenges by enabling dynamic, scalable, and efficient connectivity between multiple sites over public networks [3].
The proposed architecture integrates Multipoint Generic Routing Encapsulation (mGRE), the Next Hop Resolution Protocol (NHRP), and the Open Shortest Path First (OSPF) routing protocol to provide dynamic routing and direct spoke-to-spoke communication [4], [5]. To ensure secure data transmission, IPsec encrypts tunnel traffic and protects network communications against potential threats [6], [7].
The solution is implemented and evaluated using the GNS3 network simulation environment [8]. Performance evaluation focuses on latency, throughput, and routing convergence time under normal operation and link failure conditions. Experimental results demonstrate that the proposed DMVPN architecture provides secure, flexible, and scalable connectivity while maintaining acceptable performance for enterprise requirements [7], [9].
Findings confirm that DMVPN, when combined with dynamic routing and robust security mechanisms, is an effective solution for modern enterprise wide-area networks [2], [5].
التنزيلات
المراجع
[1] Cisco Systems, Dynamic Multipoint VPN (DMVPN) Overview, Cisco Technical Documentation, 2020.
[2] Cisco Systems, Dynamic Multipoint VPN: Design Guide, Cisco Press, 2019.
[3] Cisco Systems, Configuring DMVPN Phase 3 Using IKEv2, Cisco Documentation, 2023.
[4] D. L. Meyer, “Next Hop Resolution Protocol (NHRP),” RFC 2332, IETF, Apr. 1998.
[5] S. Kent and K. Seo, “Security Architecture for the Internet Protocol,” RFC 4301, IETF, Dec. 2005.
[6] J. Moy, “OSPF Version 2,” RFC 2328, IETF, Apr. 1998.
[7] M. Hasan et al., “DMVPN Network Performance Based on Dynamic Routing Protocols and Basic IPsec Encryption,” Proc. ICECCE, Kuala Lumpur, Malaysia, 2021.
[8] M. A. Said et al., “Analysis of IPsec Implementation on DMVPN Using Dynamic Routing Protocols,” Building of Informatics, Technology and Science, vol. 4, no. 2, pp. 112–120, 2022.
[9] A. Bahnasse and N. El Kamoun, “Scalability Analysis of Dynamic Routing Protocols over DMVPN,” Int. J. Computer Applications, vol. 123, no. 2, 2015.
[10] R. Khelf and N. Ghoualmi-Zine, “A Survey on Dynamic Multipoint Virtual Private Networks,” CEUR Workshop Proc., vol. 2379, 2017.
[11] I. M. Abushawer, “Performance Evaluation of DMVPN over Secure WAN Networks,” Engineering and Info. Management Journal, 2025.
[12] GNS3 Technologies, GNS3 Documentation, Version 2.x, 2023.
التنزيلات
منشور
إصدار
القسم
الرخصة
الحقوق الفكرية (c) 2026 مجلة العلوم الشاملة
هذا العمل مرخص بموجب Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
