06-21-2009 11:43 PM
I have a Cisco 2811 Router configurated with a GRE tunnel, and I want to add another tunnel to other remote site. This is the configuration of the first tunnel:
interface Tunnel1
ip address 10.1.1.1 255.255.255.252
ip access-group 10 out
ip nat inside
ip virtual-reassembly
keepalive 10 3
tunnel source Vlan1
tunnel destination xxx.xxx.xxx.xxx
crypto map IPSEC_VPN
I have some doubts about what subnet to configure for the second tunnel.
In the existing tunnel, the IP address is: 10.1.1.1 and mask: 255.255.255.252 so the subnet is 10.1.1.0. I suppose, I have to configure another diferent subnet (i.e. 10.1.2.0) for the second tunnel, but what IP address and mask, 10.1.2.1 255.255.255.0?
When a PC from the LAN of this router try to connect to the remote router using the tunnel, what IP address do it use?
Thanks and regards
Solved! Go to Solution.
06-22-2009 08:32 AM
You are wrong, all your PC needs is a default gateway route to the router, a default route is a route that defines, all unknown IP traffic should be forwarded to the next hop defined in the default route.
06-22-2009 01:18 AM
Marian,
To answer your doubts
In the existing tunnel, the IP address is: 10.1.1.1 and mask: 255.255.255.252 so the subnet is 10.1.1.0. I suppose, I have to configure another diferent subnet (i.e. 10.1.2.0) for the second tunnel, but what IP address and mask, 10.1.2.1 255.255.255.0? - no on your current tunnel you are using 10.1.1.1 255.255.255.252 which is a /30 so you can use the next available /30 which will be 10.1.1.4/30
When a PC from the LAN of this router try to connect to the remote router using the tunnel, what IP address do it use? - you use the remote end IP subnet. You need to make sure you have static/dynamic routes in place for the tunnel.
HTH>
06-22-2009 03:32 AM
So, to configure a new tunnel, how many address do I have to reserve? 2 IP address (one for the source and another for the destination )or 4 IP address like the first tunnel configured and in that case, what are the 2 IP address left?
Thanks a lot for your help
06-22-2009 03:47 AM
Basic subnetting of your first tunnel:-
10.1.1.1 255.255.255.252 = /30 network
Binary 128 64 32 16 8 4 2 1
Mask 128 192 224 249 248 252| 254 255
| 0 0 =0 Network
| 0 1 =1 First IP Address
| 1 0 =2 Second IP Address
| 1 1 =3 Broadcast
Now for your next available network using /30
Binary 128 64 32 16 8 4 2 1
Mask 128 192 224 249 248 252| 254 255
1 | 0 0 =4 Network
1 | 0 1 =5 First IP Address
1 | 1 0 =6 Second IP Address
1 | 1 1 =7 Broadcast
And so on.
06-22-2009 06:22 AM
Ok, I understand.
Another question: you said that when a PC connects to the remote network, it gets an IP address from the remote IP subnet, but, how does it gets it, if there is no DHCP activated on the router?
Thanks
06-22-2009 06:55 AM
There is some confusion here - my first reply to your question was:-
Your original question - When a PC from the LAN of this router try to connect to the remote router using the tunnel, what IP address do it use?
My response - You use the remote end IP subnet. You need to make sure you have static/dynamic routes in place for the tunnel.
06-22-2009 07:07 AM
I think I understood your response, and I do have static routes, like this:
ip route 192.168.3.0 255.255.255.0 10.1.1.2
But what I was wondering is which address from the subnet 192.168.3.0 do I get when I connect from a local PC to this remote end subnet.
Thanks and regards
06-22-2009 07:12 AM
Your question makes no sense? Are you asking which IP address you should use to connect to a remote end device? If so - use the IP address the remote end device is configured with.
06-22-2009 07:58 AM
I will try to explain myself better, if I want to connect from my local PC (IP addr: 192.168.5.10) to a remote PC with have the IP address 192.168.3.25 I need to have in my local PC an IP address from that subnet, (i.e. 192.168.3.30), or Am I wrong?
06-22-2009 08:32 AM
You are wrong, all your PC needs is a default gateway route to the router, a default route is a route that defines, all unknown IP traffic should be forwarded to the next hop defined in the default route.
06-22-2009 08:39 AM
All right,
Thanks a lot for your help.
Regards
Marian
06-22-2009 09:03 AM
np - glad to help.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide