cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1092
Views
0
Helpful
4
Replies

Adevantages of GRE over IPSec

a.ajiboye
Level 1
Level 1

Hi,

I need someone to help list in simple terms the advantages of GRE over IPSec.

Also, I need to know the differences between GRE and IPSec too.

Thanks

4 Replies 4

rlcarr
Level 1
Level 1

In simple terms IPSec does not support multi-cast. Those most widely used multi-cast is routing protocols. So typically, GRE in enable to support routing protocols. Otherwise you will be stuck trying to manage static routes for all your sites.

GRE, only encapsulates a packet to be routed. The contents of your packet are still visible to a Sniffer, so it is not secure.

IPSec, encrypts your packet to make it secure.

Hope this helps,

~Ron

Try using IPSec thru a GRE tunnel. This would allow the routing protocol to function while encrypting the data that you put in the vpn tunnel.

Michael Stuckey
Level 3
Level 3

It has already been mentioned that you can do IPSEC over a GRE tunnel. You can also do GRE over an IPSEC tunnel. This is the way I do all my set ups that way you can still do all your routing between networks if needed.

GRE is a protocol originally designed to transfer route information, it works at layet 2, where IPSec was originally designed to secure the layer 3 communication up.

Just to give an example you could have an IPsec communication with no tunnel at all.

There are 2 type of IPSec implementation I suggest you to skim this very well written document onm IPSec:

http://www.unixwiz.net/techtips/iguide-ipsec.html

If you are into tunnels, probably the first question is: GRE or L2TP

GRE (protocol 47) is protocol indipendent, does not support tunnel nesting, and it has been used for many yesrs. The most common application is PPTP (Point to Point Tunnel Protocol)

L2TP (Layer 2 Transport Protocol) uses TCP/IP on port 1701, it is protocol dipendent, it supports tunnel nesting.

I hope this help