GRE Tunnel
Configuring point-to-point GRE VPN Lab
I saw this exercise in this website:Google Drive-click here
It was part of Cisco Network Academy. We wanted to do the lab.
The graphic was this one:
We need to understand this first:
People are more familiar with the term Fasthernet (FA) interface than (Ga), so we will use it.
We will use our own site so we will share a document with our personal information so it would be easier for users to understand and apply..The address is https://goo.gl/soO79n
Instead of using s0/0/0 we will use s0/0
I will try to make your life easier: use copy and paste
In this exercise we will use GNS3, to make our life easier for the explanations instead of real equipment
Instead of using tunnel 0 we will use tunnel 1 ( so we can have a more realistic number)
IP 255.255.255.252 is a cider mask of 30 bit mask
What are we going to do:
1.-Configure basic device setting2.-Configure GRE tunnel
3.-Enable routing over GRE tunnel
So our address table will look like this:
Part 1: Configure Basic Device Settings
In Part 1, you will set up the network topology and configure basic router settings, such as the interface IP addresses, routing, device access, and passwords.
Step 1: Cable the network as shown in the topology.
Step 2: Initialize and reload the routers and switches.
__________________________WEST CONFIGURATION _______________________
conf t
hostname WEST
int fa0/1
ip address 172.16.1.1 255.255.255.0
no shut
int s0/0
ip address 10.1.1.1 255.255.255.252
clock rate 128000
no shutdown
____________________________ EAST CONFIGURATION ______________
conf t
hostname EAST
int fa0/1
ip address 172.16.2.1 255.255.255.0
no shut
int s0/1
ip address 10.2.2.1 255.255.255.252
no shutdown
______________________________ ISP CONFIGURATION ______________
conf t
hostname ISP
int s0/0
ip address 10.1.1.2 255.255.255.252
no shutdown
int s0/1
ip address 10.2.2.2 255.255.255.252
clock rate 128000
no shut
______________________________________________
After doing some copy and paste , you should have something similar to this:
Step 3: Configure default routes to the ISP router.
WEST(config)# ip route 0.0.0.0 0.0.0.0 10.1.1.2
EAST(config)# ip route 0.0.0.0 0.0.0.0 10.2.2.2
Part 2: Configure a GRE Tunnel
Step 1
WEST:
interface tunnel 1
ip address 172.16.12.1 255.255.255.252
tunnel source s0/0
tunnel destination 10.2.2.1
EAST:
interface tunnel 1
ip address 172.16.12.2 255.255.255.252
tunnel source s0/1
tunnel destination 10.1.1.1
We got this:
The tunnel is up !
Step 2: Verify that the GRE tunnel is functional.
A.-Verify the status of the tunnel interface on the WEST and EAST routers.
WEST# show ip interface brief
Issue the show interfaces tunnel 1command to verify the tunneling protocol, tunnel source, and tunnel destination used in this tunnel.
What is the tunneling protocol used? What are the tunnel source and destination IP addresses associated with GRE tunnel on each router?
For that answer we can easily check on West Router
C.- Ping across the tunnel from the WEST router to the EAST router using the IP address of the tunnel interface.
WEST# ping 172.16.12.2
D.-Use the traceroute command on the WEST to determine the path to the tunnel interface on the EAST router. What is the path to the EAST router?
E.-Ping and trace the route across the tunnel from the EAST router to the WEST router using the IP address of the tunnel interface.What is the path to the WEST router from the EAST router?
With which interfaces are these IP addresses associated? Why?
The answer is each interface is associated with the interface for tunnel 1 of each one of the other router (East and West)
Part 3: Enable Routing over the GRE Tunnel
In Part 3, you will configure OSPF routing so that the LANs on the WEST and EAST routers can communicate using the GRE tunnel.After the GRE tunnel is set up, the routing protocol can be implemented. For GRE tunneling, a network statement will include the IP network of the tunnel, instead of the network associated with the serial interface. just like you would with other interfaces, such as Serial and Ethernet. Remember that the ISP router is not participating in this routing process.
Step 1: Configure OSPF routing for area 1 over the tunnel.
a. Configure OSPF process ID 1 using area 0 on the WEST router for the 172.16.1.0/24 and 172.16.12.0/24
networks.
WEST
router ospf 1network 172.16.1.0 0.0.0.255 area 0
network 172.16.12.0 0.0.0.3 area 0
b. Configure OSPF process ID 1 using area 0 on the EAST router for the 172.16.2.0/24 and 172.16.12.0/24 networks.
EAST
router ospf 1
network 172.16.2.0 0.0.0.255 area 0
network 172.16.12.0 0.0.0.3 area 0
The results?we did it first on West router..Them , at last on East router . We can see that here
C.- Ping across the tunnel from the WEST router to the EAST router using the IP address of the tunnel interface.
WEST# ping 172.16.12.2
D.- Use the traceroute command on the WEST to determine the path to the tunnel interface on the EAST router. What is the path to the EAST router?
E.-Ping and trace the route across the tunnel from the EAST router to the WEST router using the IP address of the tunnel interface.What is the path to the WEST router from the EAST router?
With which interfaces are these IP addresses associated? Why?
The answer is each interface is associated with the interface for tunnel 1 of each one of the other router (East and West)
Part 3: Enable Routing over the GRE Tunnel
In Part 3, you will configure OSPF routing so that the LANs on the WEST and EAST routers can communicate using the GRE tunnel.After the GRE tunnel is set up, the routing protocol can be implemented. For GRE tunneling, a network statement will include the IP network of the tunnel, instead of the network associated with the serial interface. just like you would with other interfaces, such as Serial and Ethernet. Remember that the ISP router is not participating in this routing process.
Step 1: Configure OSPF routing for area 1 over the tunnel.
a. Configure OSPF process ID 1 using area 0 on the WEST router for the 172.16.1.0/24 and 172.16.12.0/24
networks.
WEST
router ospf 1network 172.16.1.0 0.0.0.255 area 0
network 172.16.12.0 0.0.0.3 area 0
b. Configure OSPF process ID 1 using area 0 on the EAST router for the 172.16.2.0/24 and 172.16.12.0/24 networks.
EAST
router ospf 1
network 172.16.2.0 0.0.0.255 area 0
network 172.16.12.0 0.0.0.3 area 0
The results?we did it first on West router..Them , at last on East router . We can see that here
We can see the adjacency it was form
Step 2: Verify OSPF routing.
a. From the WEST router, issue the show ip route command to verify the route to 172.16.2.0/24 LAN on the EAST router.
best technology blogs
Exercise is done!
GRE Tunnel
Reviewed by ohhhvictor
on
1:55 PM
Rating:
This comment has been removed by a blog administrator.
ReplyDeleteNot Work!!!
ReplyDeleteHello Manuel...What I posted here was a screen shoot of my computer..There are 3 parts of this lab: 1.-Configuration of the devices, 2.- Configuration of GRE tunnel and 3.- enabling the GRE.We finish with verification..
DeleteWhat part are you missing or left behind?
Can you send me your email with the screen shoot to see what you see?
I am here to help you!
Regards..
Victor
Hi,
ReplyDeleteThank,I Am new to IT, i want to understand something please. It was to connect two sites. I know that if it was many sites, five for example, we can use DMVPN. And what about Frame Relay please? What is the difference between DMVPN and Frame Relay?
They are two different technologies with different purpose :Frame relay is a technology that focus on physical and logical link layers of digital telecommunications channels using a packet switching methodology and DMVPN is a combination of different technologies (Dynamic Multipoint VPN) and it is an effective solution for dynamic secure overlay networks using MGRE, NHRP,CEF Dynamic routing protocols, Dynamic IPsec encription etc, among others.
ReplyDelete