Looks like there using GRE (Generic Routing Encapsulation). If I understand correctly GRE is used to tunnel multiple routing protocols between two private networks. IPSec then has to be added to the GRE tunnel to encrypt the traffic. GRE does not provide authentication or encryption like IPsec does.
is the config you posted really the whole config you have on your router? Whats about access-lists?
From what you posted I must say your Tunnel is not secure at all because there no encryption of your tunneled traffic. Anybody who is able to sniffer your traffic or to do a "man in the middle" attack can read your tunnel traffic and you even don't know that he is doing it. If you have no access-list and no cbac you won't defend against any DoS. The only security you have is the nat translation. But if a nat entry is made, anyone can use it from outside.
the config had some access list as well but all set in "out" on the WAN and eth interfaces ( not IN ) . I can post them if you think they might be useful.
For what encryption is concerned , there's no encryption enabled on the tunnel interface . At least on the router configuration I had access to . That's what puzzled me more when I've been asked to supervise the configuration made by others .
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :