Solved: Hi mdasifsm1, I also have

mdasifsm1 · ‎02-03-2014

Hi,

we have some home offices which i am trying to connect over GRE tunnel through cisco router 881.

i connected some home offices using DSL lines of various service providers and its working fine , but when ever i am trying to configure the tunnel over 4G internet connection which uses sim cards to connect to internet, the tunnel not getting built. I Changed the 4G router settings to 3G but still no success.

here is the config

Server:

crypto isakmp policy 1

encr 3des

authentication pre-share

group 2

lifetime 3600

crypto isakmp key XXXXX address 0.0.0.0 0.0.0.0

interface Tunnel0

ip address 172.18.18.1 255.255.255.0

no ip redirects

ip mtu 1400

ip nhrp authentication XXXXX

ip nhrp map multicast dynamic

ip nhrp network-id 254

ip nhrp registration no-unique

ip tcp adjust-mss 1360

delay 1000

tunnel source GigabitEthernet0/0.1276

tunnel mode gre multipoint

tunnel key 199

Client :-

____________

crypto isakmp policy 1

encr 3des

authentication pre-share

group 2

lifetime 3600

crypto isakmp key XXXXX address 34.88.203.122

interface Tunnel0

bandwidth 1024

ip address 172.18.18.10 255.255.255.0

no ip redirects

ip mtu 1400

ip nhrp authentication XXXXX

ip nhrp map multicast 34.88.203.122

ip nhrp map 172.18.18.1 34.88.203.122

ip nhrp network-id 254

ip nhrp nhs 172.18.18.1

ip tcp adjust-mss 1360

delay 1000

tunnel source FastEthernet4

tunnel destination 34.88.203.122

tunnel key 199

can any one help me....

Vasilii Mikhailovskii · ‎02-04-2014

Hello, Asif.

Could you please provide us a configuration that doesn't work for you (physical and logical interfaces, static routes and crypto cnfiguration).

So far I see you are using Fa4 as a source for tunnel, not you 3G/4G interface.

And I can't see any encryption on your tunnel; this could be an issue if your 3G/4G obtain private (RFC1918) ip-address from provider.

PS: please remember, that it's recommended to use Dialer interface and not to assign ip-address to your Cellular interface.

View solution in original post

Vasilii Mikhailovskii · ‎02-04-2014

Hello, Asif.

Could you please provide us a configuration that doesn't work for you (physical and logical interfaces, static routes and crypto cnfiguration).

So far I see you are using Fa4 as a source for tunnel, not you 3G/4G interface.

And I can't see any encryption on your tunnel; this could be an issue if your 3G/4G obtain private (RFC1918) ip-address from provider.

PS: please remember, that it's recommended to use Dialer interface and not to assign ip-address to your Cellular interface.

mdasifsm1 · ‎02-04-2014

Hi Mikail,

Thankyou for the reply

There is nothing much, the same config is working on DSL lines but not on 3G or 4G connections.

no cellular module on cisco 881 required as the DSL,3g and 4G modem provides Ethernet connection to spoke.

at present i don't need any encryption, the modems getting public ip add, and provides private ip to spoke via in-built dhcp servers.

Here is the topology ..

Vasilii Mikhailovskii · ‎02-04-2014

Hello, Asif.

The issue could be due to modem is doing any kind of firewall, or it's not forwarding GRE to the internal interface (NAT issue).

mdasifsm1 · ‎02-04-2014

Thanks mikhail,

The issue was with encrytion, eventhough the modems obtaining public ip address, the tunnel failed to get created.

i configured IPSec and its working fine, audio also not getting effected.

blaxucisco · ‎10-19-2014

Hi mdasifsm1,

I also have same requirement as yours' . It would be much appreciated if you can share the configuration which works for you?

Thank you,

Laxman

GRE Tunnel over 4G Internet connection