How to configure IPSEC GRE Tunnel

Рет қаралды 14,672

Amin Sedighfar

Күн бұрын

Пікірлер: 32

@johnlj_ciscocertified Жыл бұрын

thanks for sharing, information on GRE & IPsec. i love this!

@aminsedighfar Жыл бұрын

Thanks for your kind comment 🤓🙏🏻

@muratemredemircioglu2897 6 ай бұрын

Hey Amin, great video. I would like to ask that at 10:20 , the specified key is clear-text when I do show run. Also service password-encryption command does not hide the key. Is there a way to hash that key similar to enable secret?

@afshin9 2 жыл бұрын

very informative, thank you for sharing, hope to see more from you buddy

@aminsedighfar 2 жыл бұрын

Thanks 🙏🏻

@saleemnaseer1279 Жыл бұрын

Very informative and easy to understand.

@aminsedighfar Жыл бұрын

Thanks for your comment ❤️

@mohammadabdi447 2 жыл бұрын

Hello and thanks to you Mr. Sedighfar . I have question for you... Did you ever try to connect two different device same as cisco router and a mikrotik with GRE over IPsec tunnel?

@aminsedighfar 2 жыл бұрын

Hi, unfortunately I didn’t! However, I know it’s doable.

@idwphoto707 3 жыл бұрын

Thanks for this demonstration! Some questions: would this config change when there are two ISP NAT routers in between the VPN routers? Does the ISP only has to forward ports 500 and 4500? Or do they also have to forward 47?

@aminsedighfar 3 жыл бұрын

Hi, thanks for your comment. For the first question I would say as long as you can ping the other side, everything is ok there’s no need to change anything.

@aminsedighfar 3 жыл бұрын

For the next question, to be honest I don’t know, I think those ports are already forwarded on the ISPs side (by default).

@gauravdesai1826 2 жыл бұрын

Very precise and accurate. Thank you for your effort. Only one thing to say @13:07 I believe network need to be advertised otherwise from where the interesting traffic will come. Please correct me if my understanding is wrong

@aminsedighfar 2 жыл бұрын

Thanks for your comment. But which network do you mean? Here they are connected via either static route or EIGRP.

@daryllg Жыл бұрын

Hi @Amin, I see you didnt attached the ISAKMP Key to IPSEC Profile, does this required?

@aminsedighfar Жыл бұрын

You don’t attach! It’s the encryption that must be the same on the both sides.

@daryllg Жыл бұрын

Thanks

@sandipanaec23 11 ай бұрын

Hello Amin...Thanks ...it's a brief and informative

@aminsedighfar 11 ай бұрын

I’m glad you found it useful 🙂

@aakashgautam2200 2 жыл бұрын

Hello can we do tunnel protection in gre mode multipoint ?

@aminsedighfar 2 жыл бұрын

I guess the same as what we did here. GRE Tunnel is already protected, you set authentication, encryption, isakmp, etc. Sorry, I’m not sure if I addressed your question.

@anahitarahimi3596 3 жыл бұрын

Well done Amin!

@aminsedighfar 3 жыл бұрын

Thanks 😊🙏

@supunniwarthanarathnayake6503 2 жыл бұрын

great video. very informative

@aminsedighfar 2 жыл бұрын

Thanks for your feedback

@workstation6606 Ай бұрын

What routers use?

@aminsedighfar Ай бұрын

@@workstation6606 you need to have the iOS first, then upload it to your router. I used C7200

@thomasleong9700 3 жыл бұрын

hi sir, why you no need to enable the gre ip mode ?

@aminsedighfar 3 жыл бұрын

To have an encrypted communication channel. In case someone captures your packets, he or she will not be able to understand it.

@asrolandass 2 жыл бұрын

Hello, I did research and I found out, that gre over ipsec better to use ipsec profile instead crypto map, because, this is newer method, crypto map is legacy, ipsec profile is shorter to write and due to the duplication of commands with crypto map.

@aminsedighfar 2 жыл бұрын

I also used the profile, thanks for your feedback.

@aminsedighfar 2 жыл бұрын

Furthermore, I have another video about IPSEC and VPN kzbin.info/www/bejne/iHaWhWlsgMaGd8U