GRE Tunneling with route-map

intertouch · ‎02-09-2006

Hi,

I am trying to do this:

Router Remote

interface tunnel0

tunnel mode gre ip

tunnel source 212.1.1.1

tunnel destination 222.1.1.1

!

int s0/0

ip address 212.1.1.1 255.255.255.252

!

int fa0/0

ip address 203.1.1.1 255.255.255.0

ip policy route-map GRE

!

route-map GRE permit 10

match ip address 199

set default interface Tunnel0

!

access-list 199 permit ip 203.1.1.0 0.0.0.255 any

!

ip route 0.0.0.0 0.0.0.0 212.1.1.2

!

Router HQ

interface tunnel0

tunnel mode gre ip

tunnel source 222.1.1.1

tunnel destination 212.1.1.1

!

int s0/0

ip address 222.1.1.1 255.255.255.252

!

int fa0/0

ip address 199.11.1.1 255.255.255.0

!

ip route 0.0.0.0 0.0.0.0 212.1.1.2

ip route 203.1.1.0 255.255.255.0 tunnel0

!

However, my intention is to let all the remote office Internet access traffic came to HQ lnternet link. FYI, the two connections are via public cloud

However, all the remote office internet did not come to HQ to access Internet, however, it just connect via the local Internet link. Why is it so?

spremkumar · ‎02-09-2006

hi

In this case you need to remove the default route pointing via the other end serial interface ip and need to add a default route via the tunnel interface.

no ip route 0.0.0.0 0.0.0.0 212.1.1.2

ip route 0.0.0.0 0.0.0.0 tunnel0

ip route 222.1.1.1 255.255.255.255 212.1.1.2

This will automatically pass all the traffic via the tunnel interface to your central location.

Do remember to route the tunnel destination ip thru the serial interface (212.1.1.2) so that recursive lookup can be avoided...

regds

intertouch · ‎02-09-2006

Hi,

"no ip route 0.0.0.0 0.0.0.0 212.1.1.2" made the 222.1.1.1 host unreachable because these two sites connected via a public Internet cloud.

lgijssel · ‎02-09-2006

That is correct. The only node that should be reachable over the cloud is the other end of the tunnel. This can be achieved by adding the host route as specified.

Regards,

Leo