02-04-2005 07:22 AM - edited 02-21-2020 01:35 PM
I have a remote router terminating both a GRE tunnel and an IPSec tunnel.
The other endpoints for these tunnels terminate on another Router (GRE) and 3000VPN Concentrator (IPSec) at a Central location, but on the same Ethernet subnet.
Both tunnels come online no problem and I can connect users to servers etc. The problem is that the traffic outbound from the central location uses the IPSec tunnel, but the traffic from the remote location is using the GRE tunnel i.e. is not getting encrypted, but reaches its destination.
I've set it up this way because the central Router isn't IPSec capable and we had to use the existing VPN.
Is there any way to get the remote traffic encrypted ?
regards
Andy Greaves
02-04-2005 08:37 AM
I am not clear why you need the GRE tunnel. Can you explain more about why you need the GRE tunnel?
I am guessing from the information presented that the remote router has a route in its routing table which says that your network is reachable with the next hop address being the address of the GRE tunnel end point. I would suggest that you set up the remtoe so that its route to your network has the next hop address as the IPSec peer, and a route that specifies that the IPSec peer is reachable with the next hop address being the end point of the GRE tunnel.
HTH
Rick
02-07-2005 02:12 AM
Rick,
The GRE tunnel is to get the OSPF accross to the remote Router. This way I can have a resilient setup. If the WAN fails (OSPF is lost),the remote Router uses a floating static out its ISDN.
I'll try your suggestion.
Andy
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide