Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2239
Views
0
Helpful
9
Replies

GRE and VPN ?

Go to solution
donaldspry
Level 1
Level 1

‎01-22-2008 07:11 AM - edited ‎03-03-2019 08:22 PM

Okay, so I am a bit confused on the difference, if any, between the two. GRE's can be encrypted using IPSec and apparently a VPN doesn't necessarily have to be encrypted. So my questions are:

Does a GRE tunnel qualify as a VPN?

How/what is a VPN that isn't encrypted?

Thanks for the help!

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Richard Burts
Hall of Fame
Hall of Fame
In response to Danilo Dy

‎01-22-2008 08:22 AM

Donald

I believe that you and some others are looking for some precision of definition in terms that are generally treated loosely and not well defined. I would like to build off the points that Dandy makes: a Virtual Private Network is a network that makes a machine (or a subnet, or a network) that is not physically connected a "virtual" member of some network. In that sense there is no requirement for encryption, and I believe that this is the meaning taken in the wikipedia article. And in that sense then GRE probably does qualify as one kind of VPN.

Another aspect is to observe that a VPN is generally regarded as being a tunnel and that GRE is a tunneling technology. So that would suggest to some people that VPN and GRE are terms that mean the same thing.

But for many people a somewhat more strict meaning is understood when we discuss VPN. To them encryption is a essential ingredient of VPN. And in that sense GRE does not qualify as a VPN since GRE does not provide encryption.

I believe that it gets especially confusing since GRE is so frequently combined with IPSec. And in that sense GRE is very closely related to VPN and could be considered one form of VPN.

While I am known to be one who favors using terms as precisely as possible, I recognize that there is much imprecision in the common usage of the term VPN. I believe that you will need to be clear about the context and the way in which you use the term because there is not any widely accepted precise definition of what constitutes a VPN.

HTH

Rick

HTH

Rick

View solution in original post

0 Helpful
9 Replies 9

Go to solution
texanmutt
Level 1
Level 1

‎01-22-2008 07:17 AM

No, GRE is not VPN. It provides no encryption at all. It only encapsulates packets. The most common use of GRE is to allow for multicast to go across an IPsec tunnel. This allows you to run things such as routing protocols over an IPsec VPN tunnel.

0 Helpful

Go to solution
Edison Ortiz
Hall of Fame
Hall of Fame

‎01-22-2008 07:20 AM

No, GRE tunnel does not qualify as a VPN since it doesn't provide any encryption. GRE tunnel provides the ability to carry non-IP traffic such as routing protocols.

I don't understand the 2nd question. A VPN needs to be encrypted or it's not a VPN.

HTH,

__

Edison.

0 Helpful

Go to solution
donaldspry
Level 1
Level 1
In response to Edison Ortiz

‎01-22-2008 07:37 AM

So a VPN has to be encrypted?

That would help clear things up for me, but on wikipedia it states:

"VPN need not have explicit security features, such as authentication or content encryption".

0 Helpful

Go to solution
Edison Ortiz
Hall of Fame
Hall of Fame
In response to donaldspry

‎01-22-2008 07:43 AM

I think wikipedia is referring along the lines of trusted VPNs such as MPLS. I wouldn't call GRE a trusted VPN.

Please see this URL for more info:

http://www.vpnc.org/vpn-standards.html

HTH,

__

Edison.

0 Helpful

Go to solution
Danilo Dy
VIP Alumni
VIP Alumni

‎01-22-2008 07:46 AM

Hi,

VPN stand for Virtual Private Network. It is a private network that uses public network (internet) to connect remote sites or users together.

Security is one of the component of well designed VPN. Encryption is used to secure data communication accross VPN. The popular encryption method is IPSec (DES | 3DES)

The word "Private" in VPN is argumentative. For some, any tunneling that connects remote sites or users together across a public network (internet) is called VPN - as what the definition says. However, others will use the word "Private" as secure :) - it will not be "Private" if unauthorized people can see the data flowing accross the tunnel :)

Regards,

Dandy

0 Helpful

Go to solution
Richard Burts
Hall of Fame
Hall of Fame
In response to Danilo Dy

‎01-22-2008 08:22 AM

Donald

I believe that you and some others are looking for some precision of definition in terms that are generally treated loosely and not well defined. I would like to build off the points that Dandy makes: a Virtual Private Network is a network that makes a machine (or a subnet, or a network) that is not physically connected a "virtual" member of some network. In that sense there is no requirement for encryption, and I believe that this is the meaning taken in the wikipedia article. And in that sense then GRE probably does qualify as one kind of VPN.

Another aspect is to observe that a VPN is generally regarded as being a tunnel and that GRE is a tunneling technology. So that would suggest to some people that VPN and GRE are terms that mean the same thing.

But for many people a somewhat more strict meaning is understood when we discuss VPN. To them encryption is a essential ingredient of VPN. And in that sense GRE does not qualify as a VPN since GRE does not provide encryption.

I believe that it gets especially confusing since GRE is so frequently combined with IPSec. And in that sense GRE is very closely related to VPN and could be considered one form of VPN.

While I am known to be one who favors using terms as precisely as possible, I recognize that there is much imprecision in the common usage of the term VPN. I believe that you will need to be clear about the context and the way in which you use the term because there is not any widely accepted precise definition of what constitutes a VPN.

HTH

Rick

HTH

Rick
0 Helpful

Go to solution
Richard Burts
Hall of Fame
Hall of Fame
In response to Richard Burts

‎01-22-2008 12:59 PM

Donald

You asked a very interesting and subtle question. I am glad that my answer was helpful. Thank you for using the rating system to indicate that your question was resolved (and thanks for the rating). It makes the forum more useful when people can read a question and can know that they will read answers that resolved the question (especially when it is a really interesting question).

The forum is an excellent place to learn more about Cisco networking. I encourage you to continue your participation in the forum and to keep asking good questions.

HTH

Rick

HTH

Rick
0 Helpful

Go to solution
donaldspry
Level 1
Level 1
In response to Danilo Dy

‎01-22-2008 08:42 AM

So the answer relies on the encryption?

Would a GRE tunnel over IPSec be considered/qualified as a VPN?

Or is it the IPSec is the VPN component and is carrying the GRE tunnel?

0 Helpful

Go to solution
texanmutt
Level 1
Level 1
In response to donaldspry

‎01-22-2008 08:53 AM

The latter is correct.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card