IP tunnel

Posted on 2006-06-02
Last Modified: 2011-04-14
interface Tunnel1
 description XX-YY
 ip address
 ip mtu 1500
 ip nat inside
 tunnel source
 tunnel destination

I don't have any concept of IP tunnel and I want to clarify my understanding.

Do it mean that any packet pass through this tunnel will be encrypted with a source IP of with destination of What is the IP of the Tunnel 1 use for ? Any good reference and example on how IP tunneling work ?
Question by:AXISHK
    LVL 2

    Accepted Solution

    IP tunnel is generic term for using packet encapsulation to pass packets through one or more networks. Encryption is an additional step one can add during the packet encapsulation.

    The few lines of configuration shown looks like GRE IP tunnel for cisco routers, but only for one half of the tunnel.

    For more reference you can look at:

    at the "Configure a Tunnel Interface" section.
    LVL 8

    Assisted Solution

    The current packets including its IP header with source address & port will be encrypted then encapsulated in a new packets with its own header. The new packet`s source and destination address are router`s WAN IP on both ends of the tunnel.

    At the other end the packets is decapsulated, decrypted, then placed on the LAN segment.

    Author Comment

    Hi, Danny

    Do you mean the new packet will use the IP of the "tunnel source" and "tunnel destination" as the source and destination ?

    What is the usage of IP address of the Tunnel interface ? To me, it seem that tunnel source and destination is only involved in the routing, rather than the Tunnel IP address. True ?

    LVL 9

    Assisted Solution

    You oftentimes create a GRE tunnel over an IPSec tunnel.  The reason in that case that the tunnel would have IP addresses on each end is so that routing protocols and/or multicast traffic can pass.  Multicast and routing protocols (which utilize Multicast or broadcast) will not generally pass an IPSec tunnel.  Since you can't run your own routing protocol or multicast over the use tunnels.

    The tunnel IP's are generally on the inside of your network.  Like on the LAN interface of your router.  So now the tunnel can participate in routing and pass multicast and routing updates etc.

    Some other reasons for tunnels are using non-routable protocols, or tunneling IPX over an IP network (like the Internet)

    If you post more of the config (with pertinent info marked out) we could determine more precisely the need and config of your tunnel.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Looking for New Ways to Advertise?

    Engage with tech pros in our community with native advertising, as a Vendor Expert, and more.

    We recently endured a series of broadcast storms that caused our ISP to shut us down for brief periods of time. After going through a multitude of tests, we determined that the issue was related to Intel NIC drivers on some new HP desktop computers …
    Data center, now-a-days, is referred as the home of all the advanced technologies. In-fact, most of the businesses are now establishing their entire organizational structure around the IT capabilities.
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
    In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor ( If you're interested in additional methods for monitoring bandwidt…

    758 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    10 Experts available now in Live!

    Get 1:1 Help Now