Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

mGRE Tunnel is not establishing between two cisco routers

A multipoint GRE (mGRE) and IPSec tunnel is built between two routers. The topology of the device is briefied below:

Configuration in End Router:

This is a cisco 2811 router. Amoung 2 ethernet interface ,one is using for LAN and one is for WAN. In WAN part , we have configured mGRE (Tunnel1 and Tunnel 2)by creating sub-interface of the router. From the interface ,we terminating the link to MPLS cloud from there its pointing towards our core router.

From End router we are advertising the path through EIGRP and from the cloud BGP advertisied to the core router.

Below is the configuration of the End Router:

crypto ipsec transform-set test esp-3des esp-md5-hmac

mode transport

!

crypto map yesbank 10 ipsec-isakmp

set peer 192.168.80.2

set transform-set test

match address 110

crypto map yesbank 20 ipsec-isakmp

set peer 192.168.80.142

set transform-set test

match address 120

!

interface Loopback0

ip address 192.168.60.6 255.255.255.255

!

interface Tunnel1

description *** CONNECTED TO DAKC PRIMARY ROUTER ***

bandwidth 4000

ip address 10.28.0.2 255.255.255.252

no ip redirects

no ip unreachables

no ip proxy-arp

ip tcp adjust-mss 1436

load-interval 30

delay 2000

tunnel source Loopback0

tunnel destination 192.168.60.1

!

interface Tunnel2

description <<<Connected to DAKC Secondary Router>>>

bandwidth 3000

ip address 10.28.0.154 255.255.255.252

no ip redirects

no ip unreachables

no ip proxy-arp

ip tcp adjust-mss 1436

load-interval 30

delay 3000

keepalive 5 15

tunnel source Loopback0

tunnel destination 192.168.60.35

!

interface FastEthernet0/0

description ***SIFY WIRELESS MPLS LINK ***

bandwidth 2048

no ip address

no ip redirects

no ip unreachables

no ip proxy-arp

ip route-cache flow

load-interval 30

speed 100

full-duplex

!

interface FastEthernet0/0.143

description *** SUBINTERFACE FOR SIFY WIRELESS LINK ***

bandwidth 2048

encapsulation dot1Q 143

ip address 192.168.80.34 255.255.255.252

ip flow ingress

ip flow egress

crypto map yesbank

!

interface FastEthernet0/1

description ***BLR LAN***

ip address 10.160.0.3 255.255.252.0

no ip redirects

no ip unreachables

no ip proxy-arp

ip accounting output-packets

ip route-cache flow

speed auto

full-duplex

glbp 1 ip 10.160.0.1

glbp 1 priority 120

glbp 1 preempt

service-policy input YES

access-list 110 permit gre host 192.168.60.6 host 192.168.60.1

access-list 120 permit gre host 192.168.60.6 host 192.168.60.35

Show Tech of the End router also attached . Kindly requesting for the solution ASAP.

Everyone's tags (6)
1 REPLY
New Member

Re: mGRE Tunnel is not establishing between two cisco routers

Hi,

Asuming that crypto & routing are working correctly, if I remember correctly you need to specify a tunnel key ("tunnel key" command under interface tunnel configuration) when you are sourcing multiple GRE tunnels from the same source interface (Loopback0 in your example).

So for each tunnel specify a different tunnel key (both ends need to match).

Sent from Cisco Technical Support iPad App

968
Views
0
Helpful
1
Replies