Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

IPSEC confusion

Guys

What is the difference between GRE over IPSEC and IPSEC over GRE.......which one support roting protocol and if we have layer 2 MPLS which option will work and how it will work an if we have later 3 VPN which tecnology will suit

Thanks for looking

1 REPLY
Cisco Employee

IPSEC confusion

GRE over IPsec and IPsec over GRE - as the name suggests they differ in the way which is the transport protocol.

Typical deployment is GRE over IPsec - it will allow you to run MPLS and almost everything else over IPsec protected GRE tunnel.

Typical deployment is running MPLS over DMVPN at least in Cisco world. You can find multiple documents on CCO about 2547oDMVPN which makes nice reading material to get more understanding.

IPsec over GRE has limited use cases and is typically only used when GRE is the access method to your ISP/upsteam devices. The are no benefits of such deployment (IPsec over GRE) that I can see ;-)

218
Views
0
Helpful
1
Replies
CreatePlease to create content