Network Security Fundamentals [Electronic resources]

Gert De Laet, Gert Schauwers

نسخه متنی -صفحه : 196/ 102

Generic Routing Encapsulation Tunnels

Generic Routing Encapsulation (GRE) tunnels are the simplest form of VPNs, and they are very easy to configure. Figure 12-4 shows a GRE tunnel from Router A to Router D. When a packet is sent through the tunnel, it is encapsulated in a GRE packet, so Router B and Router C do not see the original packet.

Figure 12-4. GRE Tunnels

[View full size image]

Example 12-1 shows how to configure a GRE tunnel on Router A and Router D.

Example 12-1. Configuring a GRE Tunnel on Router A and Router D

RouterA#configure terminal 
4w5d: %SYS-5-CONFIG_I: Configured from console by console
Enter configuration commands, one per line.  End with CNTL/Z.
RouterA(config)#
interface FastEthernet1/0 
RouterA(config-if)#
ip address 130.130.130.1 255.255.255.0 
RouterA(config-if)#
no shutdown 
RouterA(config-if)#
exit 
RouterA(config)#
interface Tunnel1 
RouterA(config-if)#
ip address 10.10.10.1 255.255.255.252 
RouterA(config-if)#
tunnel destination 140.140.140.1 
RouterA(config-if)#
tunnel source 130.130.130.1 
RouterA(config-if)#
end 
RouterA#
________________________________________________________________
RouterD#
configure terminal 
4w5d: %SYS-5-CONFIG_I: Configured from console by console
Enter configuration commands, one per line.  End with CNTL/Z.
RouterD(config)#
interface FastEthernet1/0 
RouterD(config-if)#
ip address 140.140.140.1 255.255.255.0 
RouterD(config-if)#
no shutdown 
RouterD(config-if)#
exit 
RouterD(config)#
interface Tunnel1 
RouterD(config-if)#
ip address 10.10.10.2 255.255.255.252 
RouterD(config-if)#
tunnel destination 130.130.130.1 
RouterD(config-if)#
tunnel source 140.140.140.1 
RouterD(config-if)#
end 
RouterD#