Home > CCNP, ISCW > GRE over IPSec

GRE over IPSec

January 10, 2010 Leave a comment Go to comments

I’m not done yet with the IPSec topic though I can see the light at the end of the tunnel, the GRE tunnel…

I know GRE is not a major exam topic, not even a major VPN topic but it is a new subject for me, something I never used or even heard of and I find it simple yet sophisticated.

The combination of GRE and IPSec allow us to resolve a major problem: encryption of routing protocols over a secure tunnel.

ISPs do not allow routing protocols traffic between your routers and GRE is a tunneling solution. GRE create a virtual interface on each side of the line and create a virtual tunnel between those virtual interfaces. The problem with GRE is that all traffic is not secured.

Tunneling GRE over IPSec encryption enjoy both world: We get a secured encrypted connection and we can use routing protocols.

The exam materials focus entirely on SDM for GRE over IPSec configuration, which tells me it is more of an introduction then a real test topic (and major vendors use the exam to get you familiar with new capabilities) but you can obviously use good old CLI.

CiscoTips have a great example using the following scenario:

Shafagh Zandi have a more advanced CCIE level example that is worth checking.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Cancel

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 40 other followers