The tunnel gets terminated at the remote site with a similar set up

The fastethernet will be natted on the firewall

to an external IP and GRE packets will be let thru

Where will the GRE packets be un encapsulated

Hi

Wheres ur F/W exactly placed ? though i hvnt understood ur topology fully hows the serial connecitivity between ur locations ?is it via any isp or thru Point to point between ur offices itself ??

whts the existing connecitivity and wht ur proposing to do via GRE ??if possible do post u r rough block diagram too

regds

Typical set up is as attached.

Here is exactly what am trying to acheive

1, I have point to point serial that keeps going up and down

2. We dont have enough memory /flash on the router to upgrade to the new image that support IPSec and the router is critical and we cant shut it down.

THis prompted me to explore the option of connecting a fast ethernet as a source for a tunnel interface that can use GRE encaps

Here is the scenario

configure a tunnel interface

Use the spare fast ethernet as the source for this tunnel interface

NAT this interface on the firewall to an external IP

( one to 1 NAT)

Allow only GRE thru the firewall

Same set up on either ends

Add this tunnel interface as a back up interface for the serial interface ( is this allowed at all)

Essentially when the point to point link goes down the tunnel interface will carry the traffic and when the link comes back up it will switch back.

Let me know if this is possible at all or am on a wild goose chase

also what are the other options

i really canT get another router no modules for the router

Thanks

M..

hi

do u hve one more serial link or plannin to have one in future ,over which u can build the GRE tunnel ??

or r u trying to build the GRE tunnel over the exisiting leased line ?

if u r planning to go for a new link and GRE over that then there shuldnt be any issues.but if u r planning or thinking to use the exisiting link then the GRE will also flap whenever ur physical serial link goes up and down.

hope ur aware tht the GRE tunnel is being built over a serial(wan) link.though u mention u r tunnel destination and source as ethernet ports if the reachability is via the same serial wan link then its of no use creating a new gre tunnel.hope this helps.

regds

Hi

Am trying to acheive a back up thru the internet

The point to point private line right now has

no back up,

If i can get this tunnel interface working behind a nat i think this should resolve a lot of my problems

basically if the serial interface goes down i want to have a tunnel thru internet to carry the private line traffic

Thanks

M..

Hi

AFAIU from u r post u better keep the same config instead doing natin in ur f/w.

try to create a GRE with u r Faeth ips as source and destination and route ur remote lan(remote local router eth & f/w outside ip)via the tunnel on both the sides and chek.do apply tunnel as backup and the floating route.i think tht shuld do the trick..

regds