DMVPN – Hybrid Architecture on Cloud- Secure Communications among Branch Offices

Requirement

To connect branch offices with head offices and among each other while keeping costs low, minimizing configuration complexity and increasing flexibility

Challenge

To connect on-premises corporate offices at different geographic locations and to connect them with various production servers which are launched on AWS

Approach

We closely studied the relation of every parameter of VPC and on-premises network with cloud architecture and decided to take the following steps to fulfill both of the above challenges

Solution

We have created a Production VPC-1 having subnet including both public and private subnet. Under one private subnet, we have launched a Cisco router on EC2 instance named as Cisco172.31CRVv1000 and connected a network interface card with the server.

The Internet gateway is created to allow the traffic flow inside or outside the network. We created a routing table and edited the route with proper source and destination. Nat gateway is launched inside for outbound internet connectivity.

Once the connection gets established through router both the offices can communicate internally. This process is followed by all the offices to communicate with each other. If any of the on-premises offices try to ping the servers in the PRODUCTION VPC-1 on AWS, they can easily do so via the Cisco172.31CRVv1000 router.

Conclusion

Our goal is to meet the requirements. Once we migrate to Cisco router inside the AWS network, we found that it significantly reduces costs, which will have a larger impact on our business by Increase productivity.