12-01-2022 05:37 AM
Hello!
I have a question about gre tunnel. So i have this network, whats picture i uploaded here. So the gre tunnel is between 'R2' and 'KV'.
With the help of ACL-s, i want to deny all the packets coming in from private networks on 'HATAR'. But when i do that, i can't ping from the top left to the bottom right. How can direct traffic on gre tunnel?
I configured the tunnels:
R2:
int tunnel 5
ip address 192.168.140.1 255.255.255.252
tunnel source g0/0/1
tunnel destination 83.14.10.49
tunnel mode gre ip
KV
ip address 192.168.140.2 255.255.255.252
tunnel source g0/0/0
tunnel destination 83.14.10.33
tunnel mode gre ip
i also have configured ospf protocol for the full network, and i got the tunnels' network in the process
12-01-2022 05:47 AM
for ACL I dont get what you want
for direct traffic toward GRE tunnel
only use
ip route x.x.x.x y.y.y.y tunnel Z <<- tunnel Z direct traffic to tunnel
12-01-2022 06:02 AM
So ACL: I want to deny all private network addresses to come in on 'HATAR' and i want to direct them to the gre tunnel
but if i make an extended acl and deny all private network addresses on 'HATAR', the traffic don't go through the tunnel
here is my packet tracer file: https://www.mediafire.com/file/8keiv6cc68is068/topology.pkt/file
12-02-2022 11:05 AM
but the tunnel pass through HATAR?
anyway as I mention, you need static route toward tunnel, what you concern here is destination not source.
only config static route for destination (traffic must pass through tunnel ) and that it.
traffic will pass through tunnel.
12-04-2022 06:35 AM
The tunnel is between R2 and KV
i'll try it, thank you
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide