GRE Tunnel Configuration (CCNP)

GRE (Generic Routing encapsulation)

Ø  It is the simplest protocol

Ø  It encapsulate inside or outside ip address

Ø  GRE is nothing to do with encryption that IPsec provide

Ø  We use GRE for Multicast traffic

Ø  It allow us to start treating the VPN connection like we using private link

R1 interface Configuration

Ø  R1(config)#interface serial 1/0

Ø  R1(config-if)#description CONNECTED WITH INTERNET

Ø  R1(config-if)#ip address 100.100.100.2 255.255.255.252

Ø  R1(config-if)#no shut

Ø  R1(config-if)#exit

Ø  R1(config)#interface fastEthernet 0/0

Ø  R1(config-if)#description CONNECTED WITH SW1

Ø  R1(config-if)#ip address 192.168.2.1 255.255.255.0

Ø  R1(config-if)#no shut

Ø  R1(config-if)#exit

Internet Router interface Configuration

Ø  internet(config)#interface serial 1/0

Ø  internet(config-if)#description CONNECTED WITH R1

Ø  internet(config-if)#ip address 100.100.100.1 255.255.255.252

Ø  internet(config-if)#clock rate 64000

Ø  internet(config-if)#no shut

Ø  internet(config-if)#exit

Ø  internet(config)#interface serial 1/1

Ø  internet(config-if)#description CONNECTED WITH R2

Ø  internet(config-if)#ip address 200.200.200.1 255.255.255.252

Ø  internet(config-if)#clock rate 64000

Ø  internet(config-if)#no shut

Ø  internet(config-if)#exit

Router 2 interface Configuration

Ø  R2(config)#interface serial 1/1

Ø  R2(config-if)#description CONNECTED WITH INTERNET

Ø  R2(config-if)#ip address 200.200.200.2 255.255.255.252

Ø  R2(config-if)#no shut

Ø  R2(config-if)#exit

Ø  R2(config)#interface fastEthernet 0/0

Ø  R2(config-if)#description CONNECTED WITH SW2

Ø  R2(config-if)#ip address 10.250.250.1 255.255.255.0

Ø  R2(config-if)#no shut

Ø  R2(config-if)#exit

GRE Tunnel interface Configuration in R1 and R2

Ø  R1(config)#interface tunnel 1                  1:- Tunnel Number

Ø  R1(config-if)#description TUNNEL DIRECTLY CONNECTING TO R2

Ø  R1(config-if)#tunnel source 100.100.100.2         source Public ip address of R1

Ø  R1(config-if)#tunnel destination 200.200.200.2      Destination Public ip address of R2

Ø  R1(config-if)#ip address 172.16.16.1 255.255.255.252    Private ip address for Tunnel

Ø  R1(config-if)#exit

Ø  R2(config)#interface tunnel 2                                  2:- Tunnel Number

Ø  R2(config-if)#description TUNNEL DIRECTLY CONNECTING TO R1

Ø  R2(config-if)#tunnel source 200.200.200.2     source Public ip address of R2

Ø  R2(config-if)#tunnel destination 100.100.100.2      Destination Public ip address of R1

Ø  R2(config-if)#ip address 172.16.16.2 255.255.255.252    Private ip address for Tunnel

Ø  R2(config-if)#exit

Protocol Configuration in R1 and R2 to exchange their route

Ø  R1(config)#router rip

Ø  R1(config-router)#version 2

Ø  R1(config-router)#network 192.168.2.0          {R1 internal network}

Ø  R1(config-router)#network 172.16.16.0          {R1 Tunnel Network}

Ø  R1(config-router)#no auto-summary

Ø  R1(config-router)#exit

Ø  R1(config)#ip route 0.0.0.0 0.0.0.0 s1/0            {default route to internet}

Ø  R2(config)#router rip

Ø  R2(config-router)#version 2

Ø  R2(config-router)#network 10.250.250.0          {R2 internal network}

Ø  R2(config-router)#network 172.16.16.0            {R2 Tunnel Network}

Ø  R2(config-router)#no auto-summary

Ø  R2(config-router)#exit

Ø  R2(config)#ip route 0.0.0.0 0.0.0.0 s1/1           {default route to internet}

Troubleshooting & Verification Commands

Ø  Show ip interface brief

Ø  Show ip route

Ø  Show interfaces tunnel 2                                   (Tunnel Number)

Ø  Verify using

Ø  Traceroute from PC1 to PC2

Ø  All the traffic will go through Tunnel

Ø  GRE tunnel acts as all the devices are connected in same Ethernet segment

Ø  And also It hides the public address

Click here to Download The PDF File