Thursday, April 2, 2015

In by 3 comments

GRE Tunnel Configuration (CCNP)

GRE (Generic Routing encapsulation)
Ø  It is the simplest protocol
Ø  It encapsulate inside or outside ip address
Ø  GRE is nothing to do with encryption that IPsec provide
Ø  We use GRE for Multicast traffic
Ø  It allow us to start treating the VPN connection like we using private link

R1 interface Configuration
Ø  R1(config)#interface serial 1/0
Ø  R1(config-if)#description CONNECTED WITH INTERNET
Ø  R1(config-if)#ip address 100.100.100.2 255.255.255.252
Ø  R1(config-if)#no shut
Ø  R1(config-if)#exit

Ø  R1(config)#interface fastEthernet 0/0
Ø  R1(config-if)#description CONNECTED WITH SW1
Ø  R1(config-if)#ip address 192.168.2.1 255.255.255.0
Ø  R1(config-if)#no shut
Ø  R1(config-if)#exit



Internet Router interface Configuration
Ø  internet(config)#interface serial 1/0
Ø  internet(config-if)#description CONNECTED WITH R1
Ø  internet(config-if)#ip address 100.100.100.1 255.255.255.252
Ø  internet(config-if)#clock rate 64000
Ø  internet(config-if)#no shut
Ø  internet(config-if)#exit

Ø  internet(config)#interface serial 1/1
Ø  internet(config-if)#description CONNECTED WITH R2
Ø  internet(config-if)#ip address 200.200.200.1 255.255.255.252
Ø  internet(config-if)#clock rate 64000
Ø  internet(config-if)#no shut
Ø  internet(config-if)#exit

Router 2 interface Configuration
Ø  R2(config)#interface serial 1/1
Ø  R2(config-if)#description CONNECTED WITH INTERNET
Ø  R2(config-if)#ip address 200.200.200.2 255.255.255.252
Ø  R2(config-if)#no shut
Ø  R2(config-if)#exit

Ø  R2(config)#interface fastEthernet 0/0
Ø  R2(config-if)#description CONNECTED WITH SW2
Ø  R2(config-if)#ip address 10.250.250.1 255.255.255.0
Ø  R2(config-if)#no shut
Ø  R2(config-if)#exit

GRE Tunnel interface Configuration in R1 and R2
Ø  R1(config)#interface tunnel 1                  1:- Tunnel Number
Ø  R1(config-if)#description TUNNEL DIRECTLY CONNECTING TO R2
Ø  R1(config-if)#tunnel source 100.100.100.2         source Public ip address of R1
Ø  R1(config-if)#tunnel destination 200.200.200.2      Destination Public ip address of R2
Ø  R1(config-if)#ip address 172.16.16.1 255.255.255.252    Private ip address for Tunnel
Ø  R1(config-if)#exit

Ø  R2(config)#interface tunnel 2                                  2:- Tunnel Number
Ø  R2(config-if)#description TUNNEL DIRECTLY CONNECTING TO R1
Ø  R2(config-if)#tunnel source 200.200.200.2     source Public ip address of R2
Ø  R2(config-if)#tunnel destination 100.100.100.2      Destination Public ip address of R1
Ø  R2(config-if)#ip address 172.16.16.2 255.255.255.252    Private ip address for Tunnel
Ø  R2(config-if)#exit

Protocol Configuration in R1 and R2 to exchange their route
Ø  R1(config)#router rip
Ø  R1(config-router)#version 2
Ø  R1(config-router)#network 192.168.2.0          {R1 internal network}
Ø  R1(config-router)#network 172.16.16.0          {R1 Tunnel Network}
Ø  R1(config-router)#no auto-summary
Ø  R1(config-router)#exit

Ø  R1(config)#ip route 0.0.0.0 0.0.0.0 s1/0            {default route to internet}

Ø  R2(config)#router rip
Ø  R2(config-router)#version 2
Ø  R2(config-router)#network 10.250.250.0          {R2 internal network}
Ø  R2(config-router)#network 172.16.16.0            {R2 Tunnel Network}
Ø  R2(config-router)#no auto-summary
Ø  R2(config-router)#exit

Ø  R2(config)#ip route 0.0.0.0 0.0.0.0 s1/1           {default route to internet}

Troubleshooting & Verification Commands
Ø  Show ip interface brief
Ø  Show ip route
Ø  Show interfaces tunnel 2                                   (Tunnel Number)

Ø  Verify using
Ø  Traceroute from PC1 to PC2
Ø  All the traffic will go through Tunnel


Ø  GRE tunnel acts as all the devices are connected in same Ethernet segment

Ø  And also It hides the public address
Click here to Download The PDF File


3 comments:

  1. HewnikelMarch 6, 2018 at 4:28 PM

    Hello and thank you for this example!
    However, please explain to me how the INTERNET router forwards the packets in this case since it's not configured with any routing protocol. and in Packet tracer, if I don't use INTERNET router, it doesn't work!

    ReplyDelete
  2. HewnikelMarch 6, 2018 at 4:29 PM

    Hello and thank you for this example!
    However, please explain to me how the INTERNET router forwards the packets in this case since it's not configured with any routing protocol. and in Packet tracer, if I don't use INTERNET router, it doesn't work!

    ReplyDelete
  3. Vale Co XeniaJanuary 8, 2021 at 1:52 PM

    Great Article
    Cyber Security Projects

    projects for cse

    Networking Security Projects

    JavaScript Training in Chennai

    JavaScript

    Training in Chennai

    The Angular Training covers a wide range of topics including Components, Angular Directives, Angular Services, Pipes, security fundamentals,

    Routing, and Angular programmability. The new Angular TRaining will lay the foundation you need to specialise in Single Page Application developer.

    Angular Training

    ReplyDelete

© 2012 Best Cisco CCNA CCNP and Linux/CentOS PDF Notes
Designed By Shubham Kumar