Cisco Support Community
Community Member

extending VLANS across GRE/IPSec tunnel

I have a GRE/IPSec tunnel between to facilities and they are runnning EIGRP info across the tunnel.

I want to extend the same VLAN across this tunnel so that both sites can have the same VLAN's and VTP domain info.

Is there a way to do this?

I have attached a config of one side of the GRE tunnel.


Re: extending VLANS across GRE/IPSec tunnel

This is do-able but not through GRE/IPSec Tunnel, it's called L2 VPN or L2TPv3.

L2TPv3 Operation

L2TPv3 provides similar and enhanced services to replace the current UTI implementation, including the following features:

?Xconnect for Layer 2 tunneling via a pseudowire over an IP network

?Layer 2 VPNs for PE-to-PE router service via Xconnect that support Ethernet, 802.1q (VLAN), Frame Relay, HDLC and PPP Layer 2 circuits, including both static (UTI-like) and dynamic (using the new L2TPv3 signaling) forwarded sessions

FAQ if you have question why can't GRE/IPSec work?

Please rate helpful posts.


Re: extending VLANS across GRE/IPSec tunnel

You can do 2 things

1) Run MPLS on top of tunnels and as suggested earlier, AtOM (EoMPLS) and L2TPv3 should help u extend the VLANs.

2) Run IRB over the GRE tunnels and bridge all the traffic from the VLANs into the GRE.

CreatePlease to create content