Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

IPSEC with Gre tunnels


I need to make an IPSec Nedwork with two HeadQuartes.

On HeadQuartes I put Cisco 3725 with IOS c3725-ik9o3s-mz.122-15.T7.bin.

On client side I have c1700.

I try to configure an IPSec solution with GRE tunnels and Eigrp routing.

After configuration I have established tunnels, and a good routing table in

every site.

I have connectivity from each site to other.

My problem is that from HeadQuartes Lan I don't have connectivity to

remotes sites even from ethernet-lan router C3725 I have connectivity to

each site (in routing table I have al remote sites and I check conectivity

to remote sites ethernet-lan with ping - looks like C3725 don't forwards


Any ideea?

Thanks in advance,

Valeriu Filipescu


Re: IPSEC with Gre tunnels

Hi Valeru,

can you post a "show run" and "show ip route" from the central router as well as from the remote router?

Also, can you please refine what works and what doesn't?



New Member

Re: IPSEC with Gre tunnels

I am sorry but no I need to reestablish an older solution wich works before.

My problem is that packets who arrived from ethernet (Lan) wasn't forwarded to tunnel interface, this in condition wich extended ping from ethernet router works to ethernet remote router.

I found CSCds02496 bug who describe this problem but for c800 not c3725(The c805 completes the IKE and IPSec negotiation Phase I and Phase II but NOT FORWAR outbound packets to the tunnel. Disabling fast switching by entering the command 'no ip route-cache' allows the c805 to forward packets to the tunnel. The router does not route between the ethernet and the serial ports when IPSec and fast switching are both enabled)

CreatePlease login to create content