The first scenario you describe is a GRE tunnel between routers which is sent through IPSec VPN on firewall devices. And obviously it works.
The second scenario is a GRE tunel which is sent through IPSec VPN and processed on the same device. This is very possible. I have configured this many times and it works quite well. Since you did not provide any details of what you configured it is difficult to make suggestions about what was wrong.
The principles of configuring IPSec VPN are the same on firewall or on router. But the details of how to configure them are quite different depending on the platform. The configuration of the GRE tunnel is pretty straightforward. The configuration of IPSec is a bit more complex. My suggestion is to focus first on the configuration of the GRE tunnel. Make sure that you have the tunnel configured and have traffic flowing through the tunnel successfully before you begin the IPSec part of the configuration.
The essentials of what you do to configure IPSec VPN on a router include:
- configure a transform set.
- configure ISAKMP key for the peer.
- configure a crypto map to identify the VPN peer, and the access list to identify traffic to be protected by the VPN.
- configure an access list to identify traffic to be protected by the VPN.
- assign the crypto map to the outbound interface.
With the enhancements in ISE 3.0 for integrating with Azure AD via SAML IdP, it is now possible to leverage Microsoft Single Sign-On for multiple ISE Portals (for example Sponsor and Guest/BYOD Portals).
At the time of this writing, ISE cann...
With the enhancements in ISE 3.0 for integrating with Azure AD via SAML IdP, it is now possible to create a BYOD Flow to provide Wireless network access using an employee’s Azure AD credentials.
The table below shows the whole Cisco Security solutions + Splunk integrations add-ons. Kindly let me know if I have missed some add-ons or if there are any new updates. Thank you!
Hope this will be helpful for everyone who is looking for Splunk in...
A python based script to generate report if there are disabled rules under an Access Control Policy and an option to delete those rules in bulk.
Step 1 Download the script on PCStep 2 Make sure python3 is installed on PC and have reach...
A python based script to generate report if there are double logging on FMC ACP (logging at beginning and end), having rule action "Allow" or "Trust". (Option1 )
Also, the logging at the begging will be disabled if logging is detected for both beginning ...