VPN DVTI tunnel source

When configuring VPNs using a Dynamic Virtual Tunnel Interface (DVTI), it is unnecessary to use the tunnel source command. When creating a static VTI, you must bind that VTI to a physical interface. However, when creating a dynamic VTI, you create a virtual template that is not associated with any physical interface. Whenever a new IPSec session is needed, the router automatically creates a virtual access interface that is cloned from the virtual template. This can occur on any of the router’s interfaces, so there is no single interface that is the tunnel’s source.

https://networklessons.com/cisco/ccie-routing-switching-written/ipsec-vti-virtual-tunnel-interface https://networklessons.com/cisco/ccie-enterprise-infrastructure/flexvpn-hub-and-spoke

Links to this page: