GRE IPSEC and Loopback interface

Discussion in 'Cisco' started by Paul D, May 25, 2004.

  1. Paul D

    Paul D Guest

    Dear all

    Please excuse my ignorance, but I've been struggling for about 2 months now
    with configuring GRE over IPSEC using a Loopback interface as the source of
    the tunnel.

    I wish to tunnel all internal traffic (including communication generated by
    the routers) over the internet between our HQ and a remote office. I wish
    to encrypt all communication that passes over the public network, and hide
    all internal IP addresses.

    Our remote LAN uses the 10.20.80.0/24 subnet, and the HQ (being the "hub"
    where all networks join) can route to all other 10.0.0.0/8 networks.
    We also have multiple available public IP addresses on both sides.

    The following configuration closely matches what I am trying to achieve...
    http://www.cisco.com/warp/public/707/ipsec_gre.shtml


    ....except that, it's not clear to me which interfaces would need public IPs
    in our scenario.

    I think the ethernet interfaces (10.64.10.0/27) are equivalent to our
    Internet interfaces. However, would the 192.168.1.1 & 192.168.2.1 and
    10.1.1.1 & 10.1.1.2 IP addresses need to be public or private?

    Also, if I wished to use static routes initially, what would be the best way
    (in terms of next hop or outgoing interface) to point the HQ router (router
    "Light") to networks 10.1.1.2/32, 192.168.2.1/32 and 172.16.2.1/24?



    I'd be indebted to you (almost) forever if you can assist! ;-)

    Thank you kindly!
    Paul
     
    Paul D, May 25, 2004
    #1