This is a method in which a GRE tunnel i sencrypted with IPSEC.
The main purpose of this is IPSEC as it is does not support Routing protocols like EIGRP, OSPF etc.
Say u have a MAIN office and branch offices. The branch offices were originally connected to the main office using frame-relay or dedicated leased lines and you were happily running routing protocols between them to exchange routing information.
Now u have moved on VPN to cut costs. but unfortunately IPSEC does not support dynamic routing protocols, and GRE supports routing protocols but does not encrypt data.
So we use GRE and encrypt the GRE tunnel with IPSEC so that others on the internet cannot eavesdrop on our routing information.
i do not have any idea about IPSEC over GRE though.
If u have no idea about IPSEC and GRE then U must do some document reading.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...