Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
517
Views
10
Helpful
4
Replies

site-to-site tunnel

tankvishal1108
Level 1
Level 1

‎01-08-2016 11:11 AM

Can we establish tunnel using loopback interface configured on router as source address

If yes how to configure???

EX

Loop 100.1.1.1

ROUTER1(203.11.11.1)    ----------    ISP  --------------    Partner's ROUTER

on my side public ip is 203.11.11.1 

if i have loopback100 100.1.1.1 on ROUTER1 can i use as a source or i can only use public ip .....

Labels:
0 Helpful
4 Replies 4

Diego Lopez
Level 1
Level 1

‎01-08-2016 12:22 PM

Hello,

Yes, you can use the loopback just make sure that the network assigned to the loopback is not in use.

The site to site configuration is the same, the interesting traffic needs to be defined with the network assigned to the loopback that's it the rest of the config works the same way.

If you want to send a ping from the loopback just make sure that you use the source statement for example:

ping x.x.x.x source loopback 0

You can follow this documentation to setup the site to site tunnel between two routers:

http://www.cisco.com/c/en/us/support/docs/routers/1700-series-modular-access-routers/71462-rtr-l2l-ipsec-split.html

Don't forget to rate, thanks.

Richard Burts
Hall of Fame
Hall of Fame
In response to Diego Lopez

‎01-08-2016 01:22 PM

Yes you certainly can configure site to site tunnel using the loopback interface as tunnel source (and as tunnel destination). I have done this on many routers and it does work well. The configuration for this type of tunnel is not different from the configuration of a normal tunnel using the physical interface as source and destination. There are a couple of things that you need to keep in mind:

- the tunnel destination needs to be reachable from the tunnel source without the traffic going through the tunnel. So you need to have routing logic in place to make the remote loopback reachable from your local loopback.

- you need to make sure that you do not advertise the remote loopback/tunnel destination over the tunnel.

These points are not unique to tunnels with loopback interfaces and are also true of tunnels with physical interfaces. But I find it is easier to make mistakes which violate one or both of these when dealing with remote loopback as tunnel destination.

HTH

Rick

HTH

Rick

tankvishal1108
Level 1
Level 1
In response to Richard Burts

‎01-08-2016 05:22 PM

Thank you both

Richard can you give an example of configuration 

I mean what extra I need to do

I was trying to establish but it was not working 

0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to tankvishal1108

‎01-09-2016 03:20 PM

There is not anything extra that you need to do. That is why I said that configuration of this tunnel is not different from a normal tunnel.

If it is not working then we can look for the reasons why it is not working. As a start would you do the ping as suggested by Diego? I would suggest doing the ping from each of the routers to the other router loopback and specifying that the source of the ping is the local loopback interface. It would look something like

ping x.x.x.x source loopback 0

HTH

Rick

HTH

Rick
0 Helpful
Customers Also Viewed These Support Documents