Re: GRE/NOS VPN tunnel power loss issue

dhetherington1 · ‎07-25-2008

Hi everyone. I have an issue with several 871 and 1811 routers that are configured in a hub/spoke configuration. All sites connect back to our main office and also out to a third party site for database access. The issue we have is if the router looses power when the device comes back up the tunnel shows as "Tunnel2 is up, Line Protocol Down" that is until we execute the "tunnel mode nos" or "tunnel mode gre ip" command in the interface. Then the tunnel mode changes to up. Is there some way to make the tunnle mode automaticly come up when power is lost?

Thanks in advance.

I've attached a config from one of our sites, which may or may not help.

a.alekseev · ‎07-25-2008

use tunnel protection....

crypto isakmp policy 1

encr 3des

authentication pre-share

group 2

crypto isakmp key Cisco12345 address 10.0.149.217

crypto IPsec transform-set T1 esp-3des esp-sha-hmac

crypto IPsec profile P1

set transform-set T1

!

interface Tunnel0

ip address 10.0.51.203 255.255.255.252

load-interval 30

tunnel source 10.0.149.203

tunnel destination 10.0.149.217

tunnel protection IPsec profile P1

!

interface Ethernet3/0

ip address 10.0.149.203 255.255.255.0

duplex full

!

dhetherington1 · ‎07-28-2008

So that will work for the GRE tunnels, but what about the NOS mode tunnels? And these are the ones that i'm most concerned about.

Thanks though for the reply

a.alekseev · ‎07-28-2008

Could you explane to me

what is the reason to use NOS between cisco devices?

dhetherington1 · ‎07-28-2008

It's the hardware provided on the other end of the tunnle that requires the tunnel mode to be configured as we have it. We tried setting up as GRE tunnels but they failed so we looked into things further and discovered that NOS tunnels worked. I don't know if the receiving end of the tunnel is a cisco router.