Scribd
Upload
3 views1 page

Gre 1

The document outlines the configuration steps for GRE tunnels between two routers (R1 and R2), including interface setup and IP addressing. It emphasizes the need for routing to forward LAN traffic through the GRE tunnel and mentions the limitation of GRE regarding encryption, suggesting the use of IPSec for secure communication. Verification steps include checking tunnel interfaces and ensuring reachability between them.

Uploaded by

mohsin.risk93
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
3 views1 page

Gre 1

The document outlines the configuration steps for GRE tunnels between two routers (R1 and R2), including interface setup and IP addressing. It emphasizes the need for routing to forward LAN traffic through the GRE tunnel and mentions the limitation of GRE regarding encryption, suggesting the use of IPSec for secure communication. Verification steps include checking tunnel interfaces and ensuring reachability between them.

Uploaded by

mohsin.risk93
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 1

GRE Tunnel configuration:

Step1) must have reachability to all the public networks/ip addresses.

On R1:

int tunnel 10
ip add 172.16.0.1 255.255.255.252
tunnel source 180.0.0.1
tunnel destination 180.0.0.10
exit

On R2:

int tunnel 20
ip add 172.16.0.10 255.255.255.252
tunnel source 180.0.0.10
tunnel destination 180.0.0.1
exit

Verification:

show int tunnel 1

+ Once it is done, you should be able to ping the tunnel interfaces with each
other.
+ Now for forward the actual LAN traffic(interesting traffic), You will have to run
routing.
Because GRE is a routing based VPN, whether the GRE encapsulated would be added to
the packet or not
will be decided based on the routing table. Router will add GRE encapsulation for
all the traffic whose
next hop ip address is the IP address of other end tunnel interface.
+ To match the above condition, you can either run any IGP or you can also use
static routing and the routes
should be pointing towards the other end tunnel interface. When you will configure
IGP, you will never advertise
the public network. And you will always advertise the tunnel network, so that
neighbourship can be formed
over the GRE tunnel.

+ Biggest con of GRE tunnel is, it doesn't have capability of doing encryptoin. To
get ride of this problem
We use IPSec over GRE.

You might also like