cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
277
Views
5
Helpful
5
Replies

GRE

jobquerymail
Beginner
Beginner

Hi 

what is difference between GRE and IPSEC ?

Cheers

5 Replies 5

David Ruess
VIP Rising star VIP Rising star
VIP Rising star

GRE is sent in the clear and IPSec is encrypted.

 

 

GRE can also encapsulate many protocols (hence the name Generic).

 

-David

M02@rt37
Rising star
Rising star

Hello @jobquerymail,

To go further GRE/IPSEC serve different purposes and have distinct characteristics.

GRE is primarily used for encapsulating and transporting arbitrary network layer protocols over an IP network. It creates a virtual point-to-point tunnel between two endpoints, allowing the encapsulation of various protocols for secure transmission.

IPsec, on the other hand, is a security protocol suite used for securing IP communications. It provides data confidentiality, integrity, and authentication for IP packets. IPsec can be used to create secure tunnels for VPN connections.

In terms of encapsulation:

GRE encapsulates the entire IP packet, including the original IP header, within a new IP packet. This allows the transmission of non-IP protocols over an IP network.

IPsec adds a new IP header and encapsulates the original IP packet within an IPsec packet. The IPsec packet provides security services such as encryption, authentication, and integrity protection.

In terms of security:

GRE itself does not provide any inherent security mechanisms. It only provides encapsulation and transport capabilities.

IPsec is specifically designed for security and provides mechanisms for encryption, authentication, and integrity protection of IP packets.

Finaly, GRE is more flexible in terms of encapsulating various protocols, including non-IP protocols. IPsec is specifically designed for securing IP traffic and provides standardized security mechanisms.

In practice, GRE and IPsec are often used together. GRE tunnels can be encrypted and secured using IPsec to create secure VPN connections over untrusted networks.

 

Best regards
******* If This Helps, Please Rate *******
Ben

MHM Cisco World
VIP Mentor VIP Mentor
VIP Mentor

many points different but the main differ is 

if you use public network (internet) use IPsec since it secure (I am talking about differ between GRE and IPsec not between GRE/IPsec and IPsec)
if you use private use GRE

if you need to run IGP over tunnel use GRE, IPsec not support multicast (IPsec is P2P)

firewall not support GRE you need to use IPsec and if you face issue with multicast go to use SVTI 

Joseph W. Doherty
Hall of Fame Master Hall of Fame Master
Hall of Fame Master

Differences?  Lots!

So, many I wonder why you ask.  Have you "researched" either?  If not, you might start with the Wiki entries (https://en.wikipedia.org/wiki/Generic_Routing_Encapsulation https://en.wikipedia.org/wiki/IPsec) for both.

If you find some particular detail, for either, unclear, post further questions.

paul driver
VIP Expert VIP Expert
VIP Expert

Hello

IPsec/GRE -  Doesnt support multicast or dynamic routing over tunnel as traffic is encrypted on physcal interface of the GRE tunnel  

GRE/IPsec
-  Does Support multcast and dynamic routing over trunk, Ipsec runs on the Tunnel so entrie tunnel is encrypted


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers