Solved: Site-to-Site VPN with GRE tunnel on ASA

ZenitGlobal · ‎03-19-2013

Hi all,

I have an ASA5500 series firewall and built a site-to-site vpn on it with my counterparty. Now that my side wants to receive multicast messages from the other side throught the GRE tunnel on the built Site-to-Site VPN.

I know that ASA5500 series can not act as a GRE tunnel endpoint. Do we need to add a cisco router behind the firewall in order to receive multicast messages? Or can we just let the GRE pass through the firewall to a PC or a server?

Thanks

Karsten Iwen · ‎03-19-2013

You are right that the ASA can not terminate the GRE-Tunnel. You need a second device behind the ASA to terminate that. Most often a router is used for that. But it doesn't matter what kind of device it is as long GRE-tunneling is supported. So it also could be a Linux-box or something like that. Personally I would use an IOS-router for that.

Sent from Cisco Technical Support iPad App

View solution in original post

Karsten Iwen · ‎03-19-2013

You are right that the ASA can not terminate the GRE-Tunnel. You need a second device behind the ASA to terminate that. Most often a router is used for that. But it doesn't matter what kind of device it is as long GRE-tunneling is supported. So it also could be a Linux-box or something like that. Personally I would use an IOS-router for that.

Sent from Cisco Technical Support iPad App

ZenitGlobal · ‎03-20-2013

Hi Karsten,

Thank you very much. We used Linux behind eventually.