Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
345
Views
0
Helpful
2
Replies

quetion about vpn and gre.

skytosky
Level 1
Level 1

‎10-01-2005 08:25 AM - edited ‎02-21-2020 02:00 PM

R1(1.1.1.1) -- (1.1.1.2)outside-pix-inside(2.2.2.2) -- R2(2.2.2.1)

R1 and R2 are ospf neighbors.

pix is mapping static (inside,outside) 1.1.1.3 2.2.2.1

configuration is below

r1>

int tu 12

ip addr 10.10.10.1 255.255.255.0

tunnel source 1.1.1.1

tunnel destination 1.1.1.3

r2>

int tu12

ip addr 10.10.10.2 255.255.255.0

tunnel source 2.2.2.1

tunnel destination 1.1.1.1

but when I configure ipsec vpn between r1 and pix, ospf neighbor between r1 and r2 is disconnected. If I can't use nat 0, what should I do? Let me know about the above, plz.

Labels:
0 Helpful
2 Replies 2

wong34539
Level 6
Level 6

‎10-06-2005 10:51 AM

Don't the tunnel source and destination need to be mirrored on both the sides?

0 Helpful

jackko
Level 7
Level 7

‎10-06-2005 04:36 PM

providing there is an ipsec between r1 and pix, you can use the real ip of r2.

r1>

int tu 12

ip addr 10.10.10.1 255.255.255.0

tunnel source 1.1.1.1

tunnel destination 2.2.2.1

assuming the ipsec is between the lan behind the r1 and pix. then you just need to add the r1 outside interface ip (1.1.1.1) to the crypto acl.

0 Helpful
Customers Also Viewed These Support Documents