Tunnel mode, what is the new IP?

Unanswered Question
Jan 29th, 2010
User Badges:

I now that tunnel mode encrypts the whole packet and the whole packet gets a new outer IP header. What is the source IP in this header? I need this because my VPN Peer router comes after my Perimeter router. I need the perimeter router to allow VPN packets through.



Thanks In advance

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jon Marshall Fri, 01/29/2010 - 03:02
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

sahamed127 wrote:


I now that tunnel mode encrypts the whole packet and the whole packet gets a new outer IP header. What is the source IP in this header? I need this because my VPN Peer router comes after my Perimeter router. I need the perimeter router to allow VPN packets through.



Thanks In advance


The source and destination IP addresses in the outer header of the packet will the VPN peer devices at either end of the tunnel. So in your case the source IPs should be the VPN peer router public IP address where the crypto map is applied.


Jon

Actions

This Discussion