Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
793
Views
0
Helpful
4
Replies

OSPF through GRE Tunnel

Shawnw4401
Level 1
Level 1

‎07-10-2016 09:54 AM - edited ‎03-08-2019 06:34 AM

Here's the situation: I am using three Cisco 3750 switches and two Cisco 3845. The two end switches are being connected together through IPsec Tunnel. The topology is similar to this 3750 switch (1)> 3845 Router > 3750 external switch < 3845 router < 3750 switch (2)

The goal is to get switch 1 to home all of its VLANs and pass traffic through IPsec tunneling. 

At the current moment, I am able to pass OSPF traffic from switch 1 to switch 2. The IP route on switch 2 to shows up as O IA network address via tunnel ip address  Tunnel0

However, IP addresses on switch 2 cannot reach their default gateway. I've also reduced the MTU packet size to 1476.

Is this approach even possible to work, or will I need try something like L2TP? Any suggestions would be greatly appreciated. Thank you.

Labels:
0 Helpful
4 Replies 4

Philip D'Ath
VIP Alumni
VIP Alumni

‎07-10-2016 02:02 PM

Do all the VLANs on all the switches have unique subnets - or are you try to stretch a subnet across two sites?

I would have thought you should have been talking OSPF to the router terminating one end of the tunnel, it will talk OSPF over the tunnel to the next router, and that router would be talking OSPF to your switch again.

It also seems to me a small number of static routes would also do the job ...

0 Helpful

Shawnw4401
Level 1
Level 1
In response to Philip D'Ath

‎07-10-2016 03:48 PM

Philip,

I am trying to stretch other VLAN across the same subnet. Also, I'll try to explain it a little bit better in case there was some confusion. Also, I'll sanitize the IP address used.

Switch 1: 
Int vlan 1: 1.1.1.1/24
Int vlan 2: 2.2.2.1/24
Int vlan 3: 3.3.3.1/24

Switch 2:
Int vlan 1: 1.1.1.2/24

I want to pass VLAN 2 and 3 to switch 2 without putting an int VLAN 2/3 on that switch.
Yes, I can add INT vlan 2/3 on switch 2 and it will work as well, but the goal is to take those interface VLAN (2/3) off switch 2.

0 Helpful

Peter Koltl
Level 7
Level 7

‎07-11-2016 10:27 AM

If you really want to stretch VLANs across the sites you should use L2TPv3/IPsec tunnel. A classic IPsec tunnel can only connect different subnets and VLANs.

0 Helpful

Shawnw4401
Level 1
Level 1
In response to Peter Koltl

‎07-11-2016 10:42 AM

Peter, 

Is it possible to achieve this without using L2TPv3? Not very familiar with that, so would like to see if there's a way with the current setup. I was expecting I might have to take that route though. 

0 Helpful
Customers Also Viewed These Support Documents