GRE/IPSEC VS Site-To-Site VPN

Hi,

can anyone shade light on which one is a better option to have in terms of security . managebility , configuration and administration if you are talking about only Router to Router meaning branch router to head office router using Cisco 1800 and 2800 Routers. I hope my point is clear. +

if any good links on how to configure GRE Tunnel with IPSec would be of great help.

LVL 1
lomareeAsked:
Who is Participating?
 
stressedout2004Connect With a Mentor Commented:
Put it this way, if you are running dynamic routing protocols (OSPF, EIGRP.. etc) on each router and would like to dynamically exchange routing updates or multicast traffic or non IP traffic over the VPN tunnel, then you should no doubt use GRE/IPSEC. If you have static routes and just IP traffic that will be going over the tunnel, use plain IPSEC.  Both solution offers security. Configuration of both is pretty straightforward, but GRE/IPSEC can be complicated on the routing side of things.

This is the simplest config I can find (Just ignore the CBAC and NAT part):

Configuring Router-to-Router IPSec (Pre-shared Keys) on GRE Tunnel with CBAC and NAT
http://www.cisco.com/en/US/tech/tk827/tk369/technologies_configuration_example09186a00800946b8.shtml
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.