RE: GRE over IPSEC with different end points

From: Ganesh Iyyappan (GaneshI@virtusa.com)
Date: Mon Aug 16 2004 - 09:55:47 GMT-3


Lost formatting in the previous post. Here is the diagram:

Our side                                                        Client network
        GRE tunnel 10.10.10.2 (pub ip)                          50.50.50.1 (pub ip)
PIX-------------> 1750 Router -------------Internet------------ GRE/IPSEC Router
10.10.10.1             |                                               |
(pub ip)               |                                               |
                Host1 20.20.20.1                                40.40.40.1 Host2

Hi,

Requirement is,

Traffic from Host1 to Host2 should go through GRE tunnel over IPSEC.

Our client has configured IPSEC tunnel and GRE on the same router, and he wants
us to do the same at our end, but the router doesn't have enough flash to load
the correct required IOS. So I have created an IPSEC tunnel on the PIX and am
initiating GRE from the 1750 router. If I initiate traffic from Host1 to
Host2, it flows through the GRE, then hits the PIX, and the IPSEC tunnel gets
created. ISAKMP & IPSEC negotiations completed without any errors, but there
are #send errors and traffic is not getting encrypted.

One problem here is that on the client GRE/IPSEC router the tunnel end points for
both GRE & IPSEC are 10.10.10.1 (PIX). Will this work if I ask the client to
change the tunnel end points as below:

GRE end point - 10.10.10.2 (tunnel destination)
IPSEC end point - 10.10.10.1

Please guide me to get this done.

Thanks
Ganesh

-----------------------------------------------------------------------------
This message, including any attachments, contains
confidential information intended for a specific individual and purpose, and
is intended for the addressee only. Any unauthorized disclosure, use,
dissemination, copying, or distribution of this message or any of its
attachments or the information contained in this e-mail, or the taking of any
action based on it, is strictly prohibited. If you are not the intended
recipient, please notify the sender immediately by return e-mail and delete
this message.




This archive was generated by hypermail 2.1.4 : Fri Sep 03 2004 - 07:02:44 GMT-3