Design and Implementation of a Secure DMVPN Architecture for Enterprise Networks

Authors

  • Ahmad Said Chahine College of Computer Technology-AlZawia Author
  • Abrar Haytham Ahmed University of Tripoli Al'Ahlia Author
  • Sokaina Mawlood Ibraibish University of Tripoli Al'Ahlia Author

DOI:

https://doi.org/10.65405/3jrj8x33

Keywords:

DMVPN, IPsec, OSPF, Network Simulation (GNS3), Enterprise VPN, Performance Evaluation

Abstract

This paper presents the design and implementation of a secure Dynamic Multipoint Virtual Private Network (DMVPN) architecture for enterprise networks with geographically distributed branches. Traditional site-to-site VPN solutions often suffer from scalability and management limitations as the number of branches increases [1], [2]. DMVPN addresses these challenges by enabling dynamic, scalable, and efficient connectivity between multiple sites over public networks [3].

The proposed architecture integrates Multipoint Generic Routing Encapsulation (mGRE), the Next Hop Resolution Protocol (NHRP), and the Open Shortest Path First (OSPF) routing protocol to provide dynamic routing and direct spoke-to-spoke communication [4], [5]. To ensure secure data transmission, IPsec encrypts tunnel traffic and protects network communications against potential threats [6], [7].

The solution is implemented and evaluated using the GNS3 network simulation environment [8]. Performance evaluation focuses on latency, throughput, and routing convergence time under normal operation and link failure conditions. Experimental results demonstrate that the proposed DMVPN architecture provides secure, flexible, and scalable connectivity while maintaining acceptable performance for enterprise requirements [7], [9].

Findings confirm that DMVPN, when combined with dynamic routing and robust security mechanisms, is an effective solution for modern enterprise wide-area networks [2], [5].

Downloads

Download data is not yet available.

References

[1] Cisco Systems, Dynamic Multipoint VPN (DMVPN) Overview, Cisco Technical Documentation, 2020.

[2] Cisco Systems, Dynamic Multipoint VPN: Design Guide, Cisco Press, 2019.

[3] Cisco Systems, Configuring DMVPN Phase 3 Using IKEv2, Cisco Documentation, 2023.

[4] D. L. Meyer, “Next Hop Resolution Protocol (NHRP),” RFC 2332, IETF, Apr. 1998.

[5] S. Kent and K. Seo, “Security Architecture for the Internet Protocol,” RFC 4301, IETF, Dec. 2005.

[6] J. Moy, “OSPF Version 2,” RFC 2328, IETF, Apr. 1998.

[7] M. Hasan et al., “DMVPN Network Performance Based on Dynamic Routing Protocols and Basic IPsec Encryption,” Proc. ICECCE, Kuala Lumpur, Malaysia, 2021.

[8] M. A. Said et al., “Analysis of IPsec Implementation on DMVPN Using Dynamic Routing Protocols,” Building of Informatics, Technology and Science, vol. 4, no. 2, pp. 112–120, 2022.

[9] A. Bahnasse and N. El Kamoun, “Scalability Analysis of Dynamic Routing Protocols over DMVPN,” Int. J. Computer Applications, vol. 123, no. 2, 2015.

[10] R. Khelf and N. Ghoualmi-Zine, “A Survey on Dynamic Multipoint Virtual Private Networks,” CEUR Workshop Proc., vol. 2379, 2017.

[11] I. M. Abushawer, “Performance Evaluation of DMVPN over Secure WAN Networks,” Engineering and Info. Management Journal, 2025.

[12] GNS3 Technologies, GNS3 Documentation, Version 2.x, 2023.

Downloads

Published

2026-01-12

Issue

Vol. 10 No. ملحق 38 (2025): Comprehensive Journal of Science

Section

المقالات

License

Copyright (c) 2026 Comprehensive Journal of Science

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.

How to Cite

Design and Implementation of a Secure DMVPN Architecture for Enterprise Networks. (2026). Comprehensive Journal of Science, 10(ملحق 38), 1864-1871. https://doi.org/10.65405/3jrj8x33