Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

asa to asa - is it possible to implement GRE tunnel for ospf

Dear Support,

Wondering if it is possible to run a gre tunnel between two asa 5510's.

we have two sites connected via a les100 and running ospf to inject a default route at each site, and these are connected to 3750 emi switches which also run ospf.

what i want to do is if the les 100 fails that we can run ospf across a vpn to exchange full routes. I know ip sec tunnels won't do this as they don't carry multicast.

I am also aware the 3750's don't support tunnel end-points so hence why I would like to do it over the asa's, but may be wrong on a couple things ;-)

any useful configuration urls would be a great help.

thanks in advance, I will always rate useful responses.

thanks adrian

New Member

Re: asa to asa - is it possible to implement GRE tunnel for ospf

You can create GRE tunnel endpoints on 3750 switches and then encrypt the GRE tunnel with IPSec between the ASA5510's. The problem you may run into is that you can't change the mtu of the GRE interface (at least last I checked) and if you run traffic through the GRE tunnel you will run into problems with large packets.