From: Charles Church (cchurch@wamnet.com)
Date: Tue Jul 15 2003 - 14:32:40 GMT-3
I suppose if you had a large amount of IPX traffic that didn't need to be
encrypted but did need to be tunneled over the IP networks, then IPSec over
GRE might make sense. No sense wasting router CPU if you don't need to
encrypt something.
Chuck Church
CCIE #8776, MCNE, MCSE
Wam!Net Government Services
13665 Dulles Technology Dr. Ste 250
Herndon, VA 20171
Office: 703-480-2569
Cell: 703-819-3495
cchurch@wamnet.com
PGP key: http://pgp.mit.edu:11371/pks/lookup?search=chuck+church&op=index
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
Joe Deleonardo
Sent: Tuesday, July 15, 2003 1:09 PM
To: cciesecurity@yahoogroups.com; ccielab@groupstudy.com;
security@groupstudy.com
Subject: IPSec over GRE -vs- GRE over IPSec
IPSec over GRE -vs- GRE over IPSec.
Alright is this just a play on words or what? GRE over IPSec makes sense,
it's used to transport non unicast traffic.
But why would you want to do IPSec over GRE. Does anyone have a link to a
config example? ... if it's something?
Thanks,
Joe
This archive was generated by hypermail 2.1.4 : Wed Aug 06 2003 - 06:52:40 GMT-3