Spoke Network Architecture

DMVPN Phase 1 uses a hub-and-spoke tunnel deployment. Tunnels are built only between the central DMVPN hub and the individual spokes, so inter-branch connections are made through the hub, much like a traditional VPN system.

DMVPN allows data exchanges on a secure network without the use of a headquarters VPN server or router. While a VPN acts as a connector between remote sites and HQ, or between different branches, DMVPN creates a VPN mesh that can be applied selectively to connections the business already uses.

DMVPN relies on the following components:

  • Multiple GRE tunnel interfaces: a single GRE interface can support several IPsec tunnels, reducing the overall scope of the DMVPN configuration.
  • IPsec tunnel endpoint discovery: static crypto maps between individual IPsec tunnel endpoints do not have to be configured.
  • Routing protocols: these allow the DMVPN to find routes between different endpoints much more effectively.
  • NHRP: this lets spokes be deployed with assigned IP addresses that the central DMVPN hub can then connect to.

Each site (or spoke) can connect to the others securely. This is done using VPN firewall concentrators and routers; the DMVPN configuration on the routers at the remote sites allows the DMVPN mesh to be applied to whichever connection is being made at the time.
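The Phase 1 hub-and-spoke layout and the components listed above, shown as a Cisco IOS configuration sketch. This is an added example, not configuration from the original post; the addresses (documentation ranges), interface names, profile names and the `<...>` key placeholders are all assumptions.

```cisco
! ---- Shared crypto (hub and spokes) ----
crypto isakmp policy 10
 encryption aes 256
 hash sha256
 authentication pre-share
 group 14
! Hub: a wildcard peer is needed when spoke addresses are not known in
! advance, so every spoke shares one key. Certificates avoid this.
! On a spoke, scope the key to the hub instead: address 192.0.2.1
crypto isakmp key <PRESHARED-KEY> address 0.0.0.0 0.0.0.0
crypto ipsec transform-set DMVPN-TS esp-aes 256 esp-sha256-hmac
 mode transport
! An IPsec profile replaces per-peer static crypto maps
crypto ipsec profile DMVPN-PROF
 set transform-set DMVPN-TS
!
! ---- Hub: one multipoint GRE interface serves every spoke ----
interface Tunnel0
 ip address 10.0.0.1 255.255.255.0
 ! NHRP authentication is a short cleartext string, not a security
 ! control by itself; IPsec below is what protects the tunnel
 ip nhrp authentication <NHRP-KEY>
 ip nhrp network-id 1
 ! Spokes register dynamically, so routing-protocol multicast reaches them
 ip nhrp map multicast dynamic
 tunnel source GigabitEthernet0/0
 tunnel mode gre multipoint
 tunnel key 100
 tunnel protection ipsec profile DMVPN-PROF
!
! ---- Spoke (Phase 1): point-to-point GRE, hub is the only peer ----
interface Tunnel0
 ip address 10.0.0.2 255.255.255.0
 ip nhrp authentication <NHRP-KEY>
 ip nhrp network-id 1
 ! Register this spoke's address with the hub (next-hop server)
 ip nhrp map 10.0.0.1 192.0.2.1
 ip nhrp nhs 10.0.0.1
 tunnel source GigabitEthernet0/0
 ! A fixed destination means no spoke-to-spoke tunnels are built
 tunnel destination 192.0.2.1
 tunnel key 100
 tunnel protection ipsec profile DMVPN-PROF
```

On the hub, `show ip nhrp` and `show crypto ipsec sa` confirm that each spoke has registered and that its GRE traffic is actually being encrypted.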



ravitejafe
