Sunday, April 27, 2008

Configuring Router-to-Router IPsec (Pre-shared Keys) on GRE Tunnel with IOS Firewall and NAT - Cisco Systems


This document illustrates a basic Cisco IOS Firewall configuration with Network Address Translation (NAT). This configuration allows traffic to be initiated from inside the 10.1.1.x and 172.16.1.x networks to the Internet and NATed along the way. A generic routing encapsulation (GRE) tunnel is added to carry IP and IPX traffic between the two private networks. When a packet arrives at the outbound interface of the router and is to be sent down the tunnel, it is first encapsulated with GRE and then encrypted with IPsec. In other words, any traffic permitted to enter the GRE tunnel is also encrypted by IPsec.
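A sketch of one side of such a setup (the router in front of 10.1.1.x), added here as an illustration and not taken from the Cisco document. The peer addresses, tunnel subnet, interface names, ACL numbers, algorithm choices and the `<PRE-SHARED-KEY>` placeholder are assumptions, and IPX is omitted.

```cisco
! Added example, one side only. Constructed values: peers 192.0.2.1 / 198.51.100.1,
! tunnel subnet 192.168.100.0/30, interface names, ACL numbers, algorithm choices.
crypto isakmp policy 10
 encryption aes 256
 hash sha
 authentication pre-shared
 group 14
crypto isakmp key <PRE-SHARED-KEY> address 198.51.100.1
crypto ipsec transform-set GRE-TS esp-aes 256 esp-sha-hmac
 mode transport
! Crypto ACL: only GRE between the two tunnel endpoints. Whatever is routed
! into Tunnel0 becomes GRE between these hosts, so it is always encrypted.
access-list 110 permit gre host 192.0.2.1 host 198.51.100.1
crypto map VPN 10 ipsec-isakmp
 set peer 198.51.100.1
 set transform-set GRE-TS
 match address 110
interface Tunnel0
 ip address 192.168.100.1 255.255.255.252
 tunnel source 192.0.2.1
 tunnel destination 198.51.100.1
interface FastEthernet0/0
 description inside (10.1.1.x)
 ip address 10.1.1.1 255.255.255.0
 ip nat inside
 ip inspect FW in
interface FastEthernet0/1
 description outside (Internet)
 ip address 192.0.2.1 255.255.255.0
 ip nat outside
 ip access-group 120 in
 crypto map VPN
! IOS Firewall (CBAC): inspect sessions opened from inside so replies are let back in.
ip inspect name FW tcp
ip inspect name FW udp
! Outside ACL: only IKE and ESP from the peer; everything else unsolicited is dropped.
access-list 120 permit udp host 198.51.100.1 host 192.0.2.1 eq isakmp
access-list 120 permit esp host 198.51.100.1 host 192.0.2.1
access-list 120 deny ip any any log
! NAT overload for Internet-bound traffic. Traffic to 172.16.1.x leaves via Tunnel0,
! which is not a NAT outside interface, so it is not translated.
access-list 130 permit ip 10.1.1.0 0.0.0.255 any
ip nat inside source list 130 interface FastEthernet0/1 overload
ip route 172.16.1.0 255.255.255.0 Tunnel0
ip route 0.0.0.0 0.0.0.0 192.0.2.254
```

On IOS releases that re-check the decrypted packet against the outside ACL, ACL 120 also needs a permit for GRE from the peer. `show crypto ipsec sa` should show the encaps/decaps counters rising when hosts on the two private networks talk to each other.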

See also:
Configuring a GRE Tunnel over IPSec with OSPF.
Configuring IPsec Router-to-Router Hub and Spoke with Communication Between the Spokes
