Buy or Renew
Buy or Renew
NOTICE: The community will be in READ-ONLY Sept. 6 – 9 to add Umbrella release notes and announcements. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
466
Views
0
Helpful
1
Replies

GRE over IPSEC questions

frankbr77
Level 1
Level 1

‎02-25-2006 07:18 AM - edited ‎02-21-2020 02:16 PM

I just have a couple of questions with GRE over IPSEC.

1. When a clear text packet enters the router does it access the crypto map first or the out bound access-list?

2. When configuring GRE over transport IPSEC where does the AH header get placed. Is it in-between the original IP header and data like this stack?

New IP header

GRE Header

Original IP header

AH Header

Encrypted Payload

Or is it placed in between the new ip header and the GRE header like this stack?

New IP header

AH Header

Encrypted Payload

Thanks in advance for any guidance.

Brad

Labels:
0 Helpful
1 Reply 1

b.speltz
Level 4
Level 4

‎03-02-2006 12:50 PM

For the first question, when a clear text packet enters the router the crypto map is checked first and then then the outbound access list is checked.

For the second question, this will be the order.

New IP header

AH Header

GRE header

payload.

0 Helpful
Customers Also Viewed These Support Documents