GRE with IPSec VPN using OSPF

Answered Question
Jun 7th, 2008

Gents,

This is my first post ever here on this platform, I have a problem configuring GRE tunnel with IPSEC tunnel using OSPF..... I have 2 sites connected to my HQ (Media is VSAT). I want all the data encription + Ospf Multicast allowed...

Can I Do it with DWVPN using SDM - I have reviwed one document about it but its all about IEGRP not OSPF...

Would anyone please help me to sort out this issue.. iF ANYONE NEED any other information please update me.... I will be glad to do so...

Thanking you all in anticipation.

I have this problem too.
0 votes
Correct Answer by Farrukh Haroon about 8 years 7 months ago

Your tabuk router is misconfigured:

set peer 172.31.111.93

This should be

set peer 172.31.111.97

Regards

Farrukh

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3.7 (3 ratings)
Loading.
Farrukh Haroon Sat, 06/07/2008 - 13:02

Hello

I could not locate any specific document for SDM +OSPF, but you could combine the following, and let us know if you need any more assistance.

http://www.cisco.com/en/US/docs/routers/access/cisco_router_and_security_device_manager/25/software/user/guide/DMVPN.html

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a008019d6f7.shtml

Regards

Farrukh

premaximus Sun, 06/08/2008 - 01:58

Thanks a lot for the reply, I have read these document but In out case we dont want both sites to talk with each other.. we need to configure Pt to Pt tunnels from HQ.

** Should I have to creat GRE over IPSec Tunnels between the "Tunnel Interfaces" or "Serial Interfaces" or ethrnet to ethrnet .. because in my situation I want creat 2 Tunnels from my HQ ethernet to the both Sites's Routers internal Ethernet.

Is It possible.... or what is the best solution in my case

Thanking you in anticipation,

Shahid

Farrukh Haroon Sun, 06/08/2008 - 03:48

If you want two have to seperate interfaces then you can just use regular GRE over ISPEC. There is no need for the MGRE/DMVPN complexitiy.

Just create two seperate tunnel interfaces on the hub HQ router. Also if you don't need any dynamic routing, you can just have two p2p 'direct encapsulation' IPSEC tunnels (as in IPSEC tunnels without GRE).

Regards

Farrukh

premaximus Tue, 06/10/2008 - 00:15

Thanks Furrukh,

In my case I am using a MPLS base OSPF Network and these 2 link will merge in it using OSPF, so I have configure PtP tunnels to both sites from HQ, one tunnel is working very fine.. but other tunnel is always MM_No_STATE..etc, Its not showing any adjancy from HQ, I am attching the files I do hope you will be able to diagnose the Issue.....

Regards,

Shahid

Correct Answer
Farrukh Haroon Tue, 06/10/2008 - 00:25

Your tabuk router is misconfigured:

set peer 172.31.111.93

This should be

set peer 172.31.111.97

Regards

Farrukh

Farrukh Haroon Tue, 06/10/2008 - 00:43

Thats very nice to know Shahid :) I wish you good luck with your job. You can see where I work from my profile on NETPRO.

Let me know if this solution works out. And also rate helpful posts :)

Regards

Farrukh

premaximus Sat, 06/21/2008 - 02:45

Hi Mr. Furrukh,

I have been asking about this issue from last week but nobody from the forum replied accuratly :)

I am looking for a solution where I can connect local LAN user using WIFI and connect then Using 3G GSM connection to the internet using CISCO Router.

so I need Wifi (WLAN) 3G GSM (WWAN) together so what you will suggest me to slect as a Router + Modules which can best fit in my requirment..

What would be the best solution... 1841 or 1861 series or ???

Many Thanks

Shahid

Farrukh Haroon Sat, 06/21/2008 - 03:56

Dear Shahid

The best option would be to contact the local Cisco team (your account manager).

Cisco has a pretty strong team here in Saudi.

Regards

Farrukh

premaximus Sun, 07/27/2008 - 23:43

Hi Furrukh,

May I please have your email address, Its very Important..

Regards,

Shahid

Actions

This Discussion