cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2612
Views
0
Helpful
9
Replies

Def. route to GRE tunnel - strange behaviour

bartholomiew
Level 1
Level 1

Hello

in our WAN we have the following config:

- star topology to HQ with IPSec VPNs over Internet from remote sites

- in most cases HW is C1812/2811 and C2951 in HQ

- we use GRE tunnels over IPSec and EIGRP as routing protocol

- on tunnel interface at branch side we use address summarization

- default route is available via HQ and is advertised through EIGRP

- there are no additional static routes on branch devices beside few defined for emergency SSH access via Internet

therefore

- all traffic (either to corporate network or to Internet) should be encrypted and forwarded via GRE tunnel to the HQ.

BUT

as shown below, there's a huge mismatch in amount of traffic when compare the tunnel and the physical interface. It leads me to conclusion that not all traffic is encrypted. Am I right? Or I'm missing sth here?

Also weird is that the traffic shape on Null0 interface overlays with the Tunnel interface traffic.

Many thanks for any ideas here.

Cheers

Bartek

WAN interface - F0