DMVPN is a type of virtual private network designed by Cisco that uses multiple networking protocols to create secure tunnels between different servers and routers. DMVPN stands for Dynamic Multipoint Virtual Private Network. Dynamic means that tunnels can be created and then dropped when they’re no longer needed. Multipoint means that any server or router with the right DMVPN configuration can participate on the network.

How does DMVPN work?

DMVPN terminology uses “hubs” and “spokes” to describe routers in such a network: there is one hub, the main router, and multiple spoke routers that serve as network nodes to which traffic moves. DMVPN technology uses multiple protocols, including IPSec (IP security) and generic routing encapsulation (GRE) tunneling, a protocol for transferring information between network points.

DMVPN connections can be hub-to-spoke, in which a spoke router has a direct tunnel to the main router, but the unique aspect of DMVPN is its spoke-to-spoke network connections. Spoke routers, which have dynamic IP addresses, can deploy a connection to another spoke router by learning its IP address from the server in the main hub. If unused, that connection will eventually terminate. Hub routers in a DMVPN network have static IP addresses.

Difference between DMVPN and VPN

A typical VPN is a private tunnel constructed between a main server and an external user’s private computer network. It bypasses the path that network traffic takes through an Internet service provider. This prohibits the ISP from seeing the user’s network traffic and the IP addresses they’re visiting. DMVPN, though it serves a similar purpose, works a bit differently. Instead of providing just one secure tunnel, it creates multiple ones for multiple servers and routers.

For example, if a business wants to have one VPN configuration for all of its employees, DMVPN offers that option. All the servers and routers need to have the same DMVPN configuration. In contrast, a typical VPN sets up a long-term tunnel between one private user and a company private network. Each private user, or employee, has their own tunnel and can only connect to the specified company server. But DMVPN allows two private routers to create a tunnel without having to go through the main hub server.

Why is DMVPN helpful?

Because its tunnels don’t have to last forever, DMVPN is a more flexible virtual private network solution. Once a set period of time has passed, a spoke-to-spoke connection will be dropped if it isn’t being used. Any router with the correct DMVPN configuration can connect to the main router—it’s not just a single VPN solution with one always-open tunnel for one user. DMVPN can be a good choice for businesses with many employees in multiple locations.

DMVPN also provides lower latency for a network with many connected routers. It’s scalable, too, for businesses that need to grow and continue adding connections.


Jenna Phipps
Jenna Phipps
Jenna Phipps is a writer for, Enterprise Storage Forum, and CIO Insight. She covers data storage systems and data management, information technology security, and enterprise software solutions.

Top Articles

List of Windows Operating System Versions & History [In Order]

The Windows operating system (Windows OS) refers to a family of operating systems developed by Microsoft Corporation. We look at the history of Windows...

How to Create a Website Shortcut on Your Desktop

Website Shortcut on Your Desktop reviewed by Web Webster   This Webopedia guide will show you how to create a website shortcut on your desktop using...

What are the Five Generations of Computers? (1st to 5th)

Reviewed by Web Webster Each generation of computer has brought significant advances in speed and power to computing tasks. Learn about each of the...

Hotmail [Outlook] Email Accounts

Launched in 1996, Hotmail was one of the first public webmail services that could be accessed from any web browser. At its peak in...


SHA-256 is an algorithm used for hash functions and is a vital component...

Document Management System

A document management system is an automated software solution businesses and organizations use...

Conti Ransomware

Conti ransomware first emerged in 2020. It uses a ransomware as a service...