GRE Tunnel












Configuring point-to-point GRE VPN Lab



I saw this exercise in this website:Google Drive-click here
 It was part of Cisco Network Academy. We wanted to do the lab.
The graphic was this one:  




 




  • We need to understand this first:   

      • People are more familiar with the term  Fasthernet  (FA) interface than (Ga), so we will use it. 

        •  We will use our own site  so we will share a document with our personal information so it would be easier  for users to understand and apply..The address is https://goo.gl/soO79n

      • Instead of using s0/0/0  we will use s0/0

        • I will try to make your life easier: use copy and paste

        • In this exercise we will use GNS3, to make our life easier for the explanations instead of real equipment

        •  Instead of using tunnel 0  we will use tunnel 1 ( so we can have a more realistic number)

          • IP 255.255.255.252 is a cider mask of 30 bit mask



What are we going to do:

1.-Configure basic device setting
2.-Configure GRE tunnel
3.-Enable routing over GRE tunnel



So our address table will look like this:

 


Part 1: Configure Basic Device Settings


In Part 1, you will set up the network topology and configure basic router settings, such as the interface IP addresses, routing, device access, and passwords.

Step 1: Cable the network as shown in the topology.

Step 2: Initialize and reload the routers and switches.



__________________________WEST CONFIGURATION _______________________
conf t
hostname WEST
int fa0/1
ip address 172.16.1.1 255.255.255.0
no shut

int s0/0
ip address 10.1.1.1 255.255.255.252
clock rate 128000
no shutdown


____________________________  EAST CONFIGURATION  ______________
conf t
hostname EAST
int fa0/1
ip address 172.16.2.1 255.255.255.0
no shut

int s0/1
ip address 10.2.2.1 255.255.255.252

no shutdown

 ______________________________  ISP  CONFIGURATION  ______________
conf t
hostname ISP
int s0/0
ip address 10.1.1.2 255.255.255.252
no shutdown

int s0/1
ip address 10.2.2.2 255.255.255.252
clock rate 128000
no shut
______________________________________________

 After doing some copy and paste , you should have something similar to this:










 

 Step 3: Configure default routes to the ISP router.

WEST(config)# ip route 0.0.0.0 0.0.0.0 10.1.1.2

EAST(config)# ip route 0.0.0.0 0.0.0.0 10.2.2.2

 

Part 2: Configure a GRE Tunnel


Step 1
WEST:


 interface tunnel 1
 ip address 172.16.12.1 255.255.255.252
tunnel source s0/0
tunnel destination 10.2.2.1

EAST:

 interface tunnel 1
 ip address 172.16.12.2 255.255.255.252
 tunnel source s0/1
 tunnel destination 10.1.1.1

We got this:

 


 


The tunnel is up !

Step 2: Verify that the GRE tunnel is functional.

A.-Verify the status of the tunnel interface on the WEST and EAST routers.

WEST# show ip interface brief

 



Issue the show interfaces tunnel 1command to verify the tunneling protocol, tunnel source, and tunnel destination used in this tunnel.

What is the tunneling protocol used? What are the tunnel source and destination IP addresses associated with GRE tunnel on each router?

For that answer we can easily check on West Router

 


C.- Ping across the tunnel from the WEST router to the EAST router using the IP address of the tunnel interface.

WEST# ping 172.16.12.2
D.-Use the traceroute command on the WEST to determine the path to the tunnel interface on the EAST router. What is the path to the EAST router?

E.-Ping and trace the route across the tunnel from the EAST router to the WEST router using the IP address of the tunnel interface.What is the path to the WEST router from the EAST router?
With which interfaces are these IP addresses associated? Why?

The answer is each interface is associated with the  interface for tunnel 1 of each one of the other router (East and West)


Part 3: Enable Routing over the GRE Tunnel


In Part 3, you will configure OSPF routing so that the LANs on the WEST and EAST routers can communicate using the GRE tunnel.After the GRE tunnel is set up, the routing protocol can be implemented. For GRE tunneling, a network statement will include the IP network of the tunnel, instead of the network associated with the serial interface. just like you would with other interfaces, such as Serial and Ethernet. Remember that the ISP router is not participating in this routing process.

Step 1: Configure OSPF routing for area 1 over the tunnel.


 a. Configure OSPF process ID 1 using area 0 on the WEST router for the 172.16.1.0/24 and 172.16.12.0/24

networks.

WEST

router ospf 1

 network 172.16.1.0 0.0.0.255 area 0

 network 172.16.12.0 0.0.0.3 area 0

b. Configure OSPF process ID 1 using area 0 on the EAST router for the 172.16.2.0/24 and 172.16.12.0/24 networks.

EAST
 router ospf 1

 network 172.16.2.0 0.0.0.255 area 0

 network 172.16.12.0 0.0.0.3 area 0


The results?we did it first on West router..Them , at last on East router . We can see that here


C.- Ping across the tunnel from the WEST router to the EAST router using the IP address of the tunnel interface.

WEST# ping 172.16.12.2
D.- Use the traceroute command on the WEST to determine the path to the tunnel interface on the EAST router. What is the path to the EAST router?

E.-Ping and trace the route across the tunnel from the EAST router to the WEST router using the IP address of the tunnel interface.What is the path to the WEST router from the EAST router?
With which interfaces are these IP addresses associated? Why?

The answer is each interface is associated with the  interface for tunnel 1 of each one of the other router (East and West)


Part 3: Enable Routing over the GRE Tunnel


In Part 3, you will configure OSPF routing so that the LANs on the WEST and EAST routers can communicate using the GRE tunnel.After the GRE tunnel is set up, the routing protocol can be implemented. For GRE tunneling, a network statement will include the IP network of the tunnel, instead of the network associated with the serial interface. just like you would with other interfaces, such as Serial and Ethernet. Remember that the ISP router is not participating in this routing process.

Step 1: Configure OSPF routing for area 1 over the tunnel.


 a. Configure OSPF process ID 1 using area 0 on the WEST router for the 172.16.1.0/24 and 172.16.12.0/24

networks.

WEST

router ospf 1

 network 172.16.1.0 0.0.0.255 area 0

 network 172.16.12.0 0.0.0.3 area 0

b. Configure OSPF process ID 1 using area 0 on the EAST router for the 172.16.2.0/24 and 172.16.12.0/24 networks.

EAST
 router ospf 1

 network 172.16.2.0 0.0.0.255 area 0

 network 172.16.12.0 0.0.0.3 area 0


The results?we did it first on West router..Them , at last on East router . We can see that here




 We can see the adjacency it was form

 Step 2: Verify OSPF routing.


a. From the WEST router, issue the show ip route command to verify the route to 172.16.2.0/24 LAN on the EAST router.
best technology blogs
best technology blogs





 Exercise is done!





GRE Tunnel GRE Tunnel Reviewed by victor melo on 1:55 PM Rating: 5

5 comments:

  1. This comment has been removed by a blog administrator.

    ReplyDelete
  2. Replies
    1. Hello Manuel...What I posted here was a screen shoot of my computer..There are 3 parts of this lab: 1.-Configuration of the devices, 2.- Configuration of GRE tunnel and 3.- enabling the GRE.We finish with verification..
      What part are you missing or left behind?
      Can you send me your email with the screen shoot to see what you see?
      I am here to help you!

      Regards..

      Victor

      Delete
  3. Hi,
    Thank,I Am new to IT, i want to understand something please. It was to connect two sites. I know that if it was many sites, five for example, we can use DMVPN. And what about Frame Relay please? What is the difference between DMVPN and Frame Relay?

    ReplyDelete
  4. They are two different technologies with different purpose :Frame relay is a technology that focus on physical and logical link layers of digital telecommunications channels using a packet switching methodology and DMVPN is a combination of different technologies (Dynamic Multipoint VPN) and it is an effective solution for dynamic secure overlay networks using MGRE, NHRP,CEF Dynamic routing protocols, Dynamic IPsec encription etc, among others.

    ReplyDelete

Theme images by chuwy. Powered by Blogger.