Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

quetion about vpn and gre.

R1(1.1.1.1) -- (1.1.1.2)outside-pix-inside(2.2.2.2) -- R2(2.2.2.1)

R1 and R2 are ospf neighbors.

pix is mapping static (inside,outside) 1.1.1.3 2.2.2.1

configuration is below

r1>

int tu 12

ip addr 10.10.10.1 255.255.255.0

tunnel source 1.1.1.1

tunnel destination 1.1.1.3

r2>

int tu12

ip addr 10.10.10.2 255.255.255.0

tunnel source 2.2.2.1

tunnel destination 1.1.1.1

but when I configure ipsec vpn between r1 and pix, ospf neighbor between r1 and r2 is disconnected. If I can't use nat 0, what should I do? Let me know about the above, plz.

2 REPLIES
Silver

Re: quetion about vpn and gre.

Don't the tunnel source and destination need to be mirrored on both the sides?

Gold

Re: quetion about vpn and gre.

providing there is an ipsec between r1 and pix, you can use the real ip of r2.

r1>

int tu 12

ip addr 10.10.10.1 255.255.255.0

tunnel source 1.1.1.1

tunnel destination 2.2.2.1

assuming the ipsec is between the lan behind the r1 and pix. then you just need to add the r1 outside interface ip (1.1.1.1) to the crypto acl.

84
Views
0
Helpful
2
Replies
CreatePlease to create content