GRE Tunnel as WAN Link

Unanswered Question
Feb 14th, 2007

Hi,

I am implementing a WAN link that span a carriers extranet environment. The link will have an inside interface (our router) and an outside interface (their router). When we send traffic to our remote site the traffic will be subject to NAT allowing routing across the SP extranet. In order to secure the data we need to implement an IPSEC tunnel. The tunnel type needs to be GRE and because NAT is being done we need to used ESP. Could anyone suggest a template that I could use for the two routers that we control, in order to set all of this up?

Any help well rated.

Regards

Gavin

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
royalblues Wed, 02/14/2007 - 03:09

Gavin,

IPSEC and NAT do not go well with each other. You might want to have a look at IPSEC NAT transparency though and check whether it suits your needs

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122t/122t13/ftipsnat.htm

The only thing i didn't understand is to use GRE tunnel. I dont think it is needed unless you plan to send routing information across it as IPSEC does not support multicast.

HTH, rate if it does

Narayan

gavin.mckee Wed, 02/14/2007 - 03:15

I need to send RIPv2 over the Tunnel. Thats why I need GRE. Have you seen any examples of this type of configuration?

Actions

This Discussion