Buy or Renew
Buy or Renew
NEW! Stay up-to-date on Cisco Secure Access: Software Release Notes and Announcements
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
783
Views
0
Helpful
2
Replies

Whether I have to remove GRE tunnel before implementing IPsec

sajsoft
Level 1
Level 1

‎03-22-2005 04:21 AM - edited ‎02-21-2020 01:40 PM

Currenlty we are having GRE tunnel between the routers.we are going to implement ipsec tunnels.

Planning to apply IPsec map on these GRE tunnels.Is that recommended?

Whether I have to remove GRE tunnel before implementing IPsec.

Thanks

Saj

Labels:
0 Helpful
2 Replies 2

Philip D'Ath
VIP Alumni
VIP Alumni

‎03-22-2005 04:40 AM

It's the other way around, you can run GRE on top of IPSec.

You just build IPSec security associations between your GRE tunnel end points.

0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to Philip D'Ath

‎03-22-2005 10:27 AM

Whether you need to remove GRE before running IPSec will depend on what your real requirements and objectives are. In most cases it is not necessary and in fact in most cases it is desirable to run a combination of IPSec with GRE tunnels. For expample if you want to support multicast traffic (used by routing protocols like EIGRP and OSPF) then you need both IPSec and GRE.

Where to apply the IPSec crypto map will depend on the version of IOS that you are running. In older versions you need to apply the map on both the tunnel interface and the physical interface. In recent versions of IOS the map is applied only on the physical interface where IPSec enters and exits the router.

HTH

Rick

HTH

Rick
0 Helpful
Customers Also Viewed These Support Documents