Cisco Support Community

Real world use of VTI tunnels and firewall rules for them

Hey guys,

I have been looking at VTI tunnels,

I have some questions,

1. What do most people use these for? Are they better than using a site-to-site tunnel on an ASA, as you can use routing protocols over them?

2. Is a VTI tunnel a GRE tunnel using IPsec as transport? How is this, as a normal tunnel is GRE by default? When we change the mode to ipsec ipv4, does this turn off GRE or does it still use GRE?

3. If I use a VTI tunnel on my edge router, do people generally just use an access list to only permit the tunnel traffic protocols etc., or would they have a zone-based firewall on there? I would appreciate a copy of a general rule base if possible.

I look forward to your replies

Cheers

Carl
