Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
2091
Views
5
Helpful
3
Replies

vrf GRE tunnel

Go to solution
fast5658659
Level 1
Level 1

ā€Ž03-16-2016 12:10 AM - edited ā€Ž03-05-2019 03:34 AM

Hi all,

I have a ipsec tunnel towards a remote office. there is a default route on main office router to route internet traffic directly towards ISP

I want to have one GRE tunnel isolated from global routing table 

interface FastEthernet1/0

description to ISP
ip address 103.38.xx.xx 255.255.255.248
duplex auto
speed auto
crypto map VPN1

ip route 0.0.0.0 0.0.0.0 103.38.xx.xx name towards_ISP

interface Loopback100
ip address 10.192.254.114 255.255.255.255

int tunnel 100

ip vrf forwarding VRF1
ip address 10.192.1.166 255.255.255.252
ip tcp adjust-mss 1360
tunnel source Loopback100
tunnel destination 10.192.10.12
tunnel vrf VRF1

though IPsec is up but tunnel line protocol is showing down

What else do I need to do to get GRE tunnel working for vrf VRF1

I am new to VRF 

Regards

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Rolf Fischer
Level 9
Level 9

ā€Ž03-16-2016 04:04 AM

Hello,

does the VRF1 routing table have a routing entry to reach the other tunnel endpoint?

  • show ip route vrf VRF1 [10.192.10.12]

Can you ping the the other tunnel endpoint?

  • ping vrf VRF1 10.192.10.12 source loopback 100

I'm not sure but perhaps you want only the tunnel interface to be part of the VRF and leave the tunnel source and -destination in the global routing table? In this case you'll need to remove the 'tunnel vrf VRF1' line under the tunnel interface ("transport VRF", must be routable through the ISP network).

HTH
Rolf

View solution in original post

3 Replies 3

Go to solution
Rolf Fischer
Level 9
Level 9

ā€Ž03-16-2016 04:04 AM

Hello,

does the VRF1 routing table have a routing entry to reach the other tunnel endpoint?

  • show ip route vrf VRF1 [10.192.10.12]

Can you ping the the other tunnel endpoint?

  • ping vrf VRF1 10.192.10.12 source loopback 100

I'm not sure but perhaps you want only the tunnel interface to be part of the VRF and leave the tunnel source and -destination in the global routing table? In this case you'll need to remove the 'tunnel vrf VRF1' line under the tunnel interface ("transport VRF", must be routable through the ISP network).

HTH
Rolf

Go to solution
fast5658659
Level 1
Level 1
In response to Rolf Fischer

ā€Ž03-16-2016 04:14 PM

Thanks Rolf that worked like a treat :)

0 Helpful

Go to solution
fast5658659
Level 1
Level 1
In response to fast5658659

ā€Ž03-16-2016 04:55 PM

Also one more thing I am running bgp under VRF1. I have some static routes in the global routing table which I want to redistribute to VRF1 routing table how can I do that

Thanks much

0 Helpful
Customers Also Viewed These Support Documents