Gre-ipsec tunnel application, Protocols and standards, Configuring a gre over ipv4 tunnel – H3C Technologies H3C SecPath F1000-E User Manual
Page 16: Configuration prerequisites
4
VPN establishment by connecting discontinuous subnets
Figure 6 Connect discontinuous subnets with a tunnel to form a VPN
In the example as shown in
, Group 1 and Group 2 running Novell IPX are deployed in different
cities. They can constitute a trans-WAN virtual private network (VPN) through the tunnel.
GRE-IPsec tunnel application
Figure 7 GRE-IPsec tunnel application
GRE can work with IPsec, allowing data packets like routing protocol, voice, and video packets to be
encapsulated by GRE and then encrypted by IPsec to improve security of data transmission in a tunnel.
Protocols and standards
•
RFC 1701, Generic Routing Encapsulation (GRE)
•
RFC 1702, Generic Routing Encapsulation over IPv4 networks
•
RFC 2784, Generic Routing Encapsulation (GRE)
Configuring a GRE over IPv4 tunnel
Configuring a GRE over IPv4 tunnel in the web interface
Configuration prerequisites
On each of the peer devices, configure an IP address for the interface to be used as the source interface
of the tunnel interface (for example, a VLAN interface, GigabitEthernet interface, or loopback interface),
and make sure this interface can communicate with the interface used as the source interface of the
tunnel interface on the peer device.
- H3C SecPath F5000-A5 Firewall H3C SecPath F1000-A-EI H3C SecPath F1000-E-SI H3C SecPath F1000-S-AI H3C SecPath F5000-S Firewall H3C SecPath F5000-C Firewall H3C SecPath F100-C-SI H3C SecPath F1000-C-SI H3C SecPath F100-A-SI H3C SecBlade FW Cards H3C SecBlade FW Enhanced Cards H3C SecPath U200-A U200-M U200-S H3C SecPath U200-CA U200-CM U200-CS