thanks mheusinger. this GRE is build over IPsec, but in my senario i don't think IPsec is necessary because ADSL gets fixed private IP and the central router's IP connecting to the provider is also private IP.

i am still confused.

The issue here seems to be that the ADSL is doing NAT for the Remote's LAN ip's, so you have problem for hub to spoke initiated traffic (from ur original Q).

This will remain an issue no matter what VPN technology you use (DMVPN,pt-pt GRE, Site-Site ipsec, Ezvpn etc).

Either you need to remove the NAT, or can you do static NAT on the ADSL router?

-Sunil.

thanks first.

I tested point-to-point tunnel now. at remote site i use cisco 1841 behind the ADSL modem. 1841's F0/0 connecting to the modem gets 192.168.104.1 with default gateway of 196.168.150.1.

i set up tunnel on remote and central sites with tunnel source and destination of each other.

on remote site:

int tunnel0

ip mtu 1492

tunnel source 192.168.104.1---(i also tried dialer1)

tunnel destination 10.10.12.5---(central site IP)

tunnel mode gre ip

ip route 0.0.0.0 0.0.0.0 dialer1

in the "show ip route"

two dailer1 are displayed 192.168.104.85 and 196.168.150.1.

10.200.200.0 appear and disappear every several seconds.

The problem is that tunnel0 interface's line protocol is up, down every several seconds( this should be the cause for 10.200.200.0's app and disapp).

this really confuses me. who can help me?

no reply? this is a really interesting thing to do, hope you all can help.

Hello,

do you have dynamic routing enabled over the GRE tunnel? If so, make sure that the tunnel destination is not learned through the tunnel. This would be considered recursive routing and leads to tunnel down. Then your default route would kick in and the tunnel would come up again. This would fit the observed continuous flapping.

Hope this helps! Please rate all posts.

Regards, Martin

i didn't enable dynamic routing on remote router since i just wish to get it done first from "static routing". the destination addresses are static. and the tunnel addresses are 10.200.200.1 and 10.200.200.2 respectively.

i wish to start from point-to-point, then dynamic routing, then multipoint. long way to go yet. i didn't find the usage of GRE tunnels in the senario like mine.

something strange happens.

the tunnel interface on remote site router is from up to down every 20 seconds, and from down to up every 10 seconds. just as configured to act like that. below is the config on remote site router.

anybody help?

hostname C1800

!

!

logging buffered 51200 warnings

enable secret xxxx

!

!

mmi polling-interval 60

no mmi auto-configure

no mmi pvc

mmi snmp-timeout 180

ip subnet-zero

ip cef

vpdn enable

vpdn ip udp ignore checksum

vpdn-group pppoe

request-dialin

protocol pppoe

username xxx privilege 15 secret xxxx

!

interface Tunnel0

ip address 10.200.200.2 255.255.255.0

no ip redirects

ip mtu 1492

tunnel source 192.168.104.85

tunnel destination 10.10.12.5

!

interface FastEthernet0/0

description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-FE 0$

ip address 172.168.x.x.255.255.0

duplex auto

speed auto

!

interface FastEthernet0/1

no ip address

duplex auto

speed auto

pppoe enable

pppoe-client dial-pool-number 1

!

interface Dialer1

mtu 1492

ip address negotiated

encapsulation ppp

no ip mroute-cache

dialer pool 1

dialer-group 1

no cdp enable

ppp authentication pap callin

ppp pap sent-username xxxx password 0 xxxx

!

no ip classless

ip route 0.0.0.0 0.x.x.x.x.150.1

!

access-list 1 permit any

dialer-list 1 protocol ip permit

*Apr 19 07:51:35.991: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, c

hanged state to down

*Apr 19 07:51:45.991: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, c

hanged state to up

*Apr 19 07:52:05.991: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, c

hanged state to down

*Apr 19 07:52:15.991: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, c

hanged state to up

*Apr 19 07:52:35.991: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, c

hanged state to down

*Apr 19 07:52:45.991: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, c

hanged state to up

*Apr 19 07:53:05.991: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, c

hanged state to down

After posting this you seem to have started a new thread discussing this problem using the title:

site-to-site by GRE tunnel with ADSL

and at this URL:

http://forums.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Virtual%20Private%20Networks&topic=General&CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.1ddb0188

there have been several discussions and a couple of suggested solutions in that thread. I suggest that all further discussion be consolidated in that thread.

HTH

Rick