Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

GRE Tunnels

I have a Cisco 2811 Router configurated with a GRE tunnel, and I want to add another tunnel to other remote site. This is the configuration of the first tunnel:

interface Tunnel1

ip address 10.1.1.1 255.255.255.252

ip access-group 10 out

ip nat inside

ip virtual-reassembly

keepalive 10 3

tunnel source Vlan1

tunnel destination xxx.xxx.xxx.xxx

crypto map IPSEC_VPN

I have some doubts about what subnet to configure for the second tunnel.

In the existing tunnel, the IP address is: 10.1.1.1 and mask: 255.255.255.252 so the subnet is 10.1.1.0. I suppose, I have to configure another diferent subnet (i.e. 10.1.2.0) for the second tunnel, but what IP address and mask, 10.1.2.1 255.255.255.0?

When a PC from the LAN of this router try to connect to the remote router using the tunnel, what IP address do it use?

Thanks and regards

1 ACCEPTED SOLUTION

Accepted Solutions

Re: GRE Tunnels

You are wrong, all your PC needs is a default gateway route to the router, a default route is a route that defines, all unknown IP traffic should be forwarded to the next hop defined in the default route.

11 REPLIES

Re: GRE Tunnels

Marian,

To answer your doubts

In the existing tunnel, the IP address is: 10.1.1.1 and mask: 255.255.255.252 so the subnet is 10.1.1.0. I suppose, I have to configure another diferent subnet (i.e. 10.1.2.0) for the second tunnel, but what IP address and mask, 10.1.2.1 255.255.255.0? - no on your current tunnel you are using 10.1.1.1 255.255.255.252 which is a /30 so you can use the next available /30 which will be 10.1.1.4/30

When a PC from the LAN of this router try to connect to the remote router using the tunnel, what IP address do it use? - you use the remote end IP subnet. You need to make sure you have static/dynamic routes in place for the tunnel.

HTH>

New Member

Re: GRE Tunnels

So, to configure a new tunnel, how many address do I have to reserve? 2 IP address (one for the source and another for the destination )or 4 IP address like the first tunnel configured and in that case, what are the 2 IP address left?

Thanks a lot for your help

Re: GRE Tunnels

Basic subnetting of your first tunnel:-

10.1.1.1 255.255.255.252 = /30 network

Binary 128 64 32 16 8 4 2 1

Mask 128 192 224 249 248 252| 254 255

| 0 0 =0 Network

| 0 1 =1 First IP Address

| 1 0 =2 Second IP Address

| 1 1 =3 Broadcast

Now for your next available network using /30

Binary 128 64 32 16 8 4 2 1

Mask 128 192 224 249 248 252| 254 255

1 | 0 0 =4 Network

1 | 0 1 =5 First IP Address

1 | 1 0 =6 Second IP Address

1 | 1 1 =7 Broadcast

And so on.

New Member

Re: GRE Tunnels

Ok, I understand.

Another question: you said that when a PC connects to the remote network, it gets an IP address from the remote IP subnet, but, how does it gets it, if there is no DHCP activated on the router?

Thanks

Re: GRE Tunnels

There is some confusion here - my first reply to your question was:-

Your original question - When a PC from the LAN of this router try to connect to the remote router using the tunnel, what IP address do it use?

My response - You use the remote end IP subnet. You need to make sure you have static/dynamic routes in place for the tunnel.

New Member

Re: GRE Tunnels

I think I understood your response, and I do have static routes, like this:

ip route 192.168.3.0 255.255.255.0 10.1.1.2

But what I was wondering is which address from the subnet 192.168.3.0 do I get when I connect from a local PC to this remote end subnet.

Thanks and regards

Re: GRE Tunnels

Your question makes no sense? Are you asking which IP address you should use to connect to a remote end device? If so - use the IP address the remote end device is configured with.

New Member

Re: GRE Tunnels

I will try to explain myself better, if I want to connect from my local PC (IP addr: 192.168.5.10) to a remote PC with have the IP address 192.168.3.25 I need to have in my local PC an IP address from that subnet, (i.e. 192.168.3.30), or Am I wrong?

Re: GRE Tunnels

You are wrong, all your PC needs is a default gateway route to the router, a default route is a route that defines, all unknown IP traffic should be forwarded to the next hop defined in the default route.

New Member

Re: GRE Tunnels

All right,

Thanks a lot for your help.

Regards

Marian

Re: GRE Tunnels

np - glad to help.

132
Views
0
Helpful
11
Replies
CreatePlease to create content