CCNP – GRE over IPSEC (Part 1)

One of the concept’s I ran across on the CCNP Route exam was dealing with a GRE over an IPSEC Tunnel. I had dealt with both individually but not at the same time. Because of that I had no frame of reference on how to troubleshoot or know if the example I was given was working right. This sounded like a good thing to prototype in GNS3. What I will cover in this post is a base setup of the router and following with the basic GRE configuration. I used a Cisco doc I found on setting this up but found that a piece was missing based on the configuration commands I found, hence the Internet Router that you see listed in the middle of this config -

! Main Router
!
interface FastEthernet0/1
ip address 14.36.88.6 255.255.0.0
!
ip route 0.0.0.0 0.0.0.0 14.36.1.1
!
! Internet Router (connects to Main on fa0/1 & SW1 on fa0/0)
!
interface FastEthernet0/0
ip address 14.38.1.1 255.255.0.0
!
interface FastEthernet0/1
ip address 14.36.1.1 255.255.0.0
!
! Remote Router (R2)
! Connects to SW1 on port 2 using fa0/0
interface FastEthernet0/0
ip address 14.38.88.10 255.255.0.0
!
ip route 0.0.0.0 0.0.0.0 14.38.1.1
!
The routers are now connected together. You should see each router from the other via cdp and ping. You wont need to do anything other than just put ip addresses on the two ethernet interfaces for the Internet router. The static route on the Main and remote routers will take care of the rest for the base part of the config. The next step is to build the GRE Tunnel.

! Main Router
!
interface Tunnel0
ip address 192.168.16.2 255.255.255.0
tunnel source FastEthernet0/1
tunnel destination 14.38.88.10
!
! Remote Router (R2)
!
interface Tunnel0
ip address 192.168.16.1 255.255.255.0
tunnel source FastEthernet0/0
tunnel destination 14.36.88.6
!
If you have the routers configured correctly, you should be able to ping the Main routers T0 interface from Remote router R1. You should also be able to ping Remote R1′s T0 interface from Main. In the next installments we will cover setting up the IPSec and the routing protocol.

This entry was posted in Blog Entries, CCNP and tagged , . Bookmark the permalink.