Solved

GRE over IPSec for DR

Posted on 2006-10-20
3
458 Views
Last Modified: 2008-01-09
Scenario is as follows:

1 PIX that will be utilizing an IPSEC tunnel to an ASA at another site.

1 router behind the PIX needs to tunnel GRE to a router behind the ASA.  (for EIGRP routing updates)

This will be utilized in a DR scenario where our core connection goes away.

Any assistance in pointing me in the right direction is appreciated.  I know there are some issues routing GRE over IPSEC and I'd like to avoid them if possible.
0
Comment
Question by:NetAdmin5555
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 4

Accepted Solution

by:
periferral earned 500 total points
ID: 17883533
I dont see why there would be a problem. Once an IPSec tunnel is established between the PIX and ASA, all traffic should just go through the tunnel. The router to router GRE should just work. If not,

try fixup pptp on the ASA device and you should be okay.
fixup pptp 1723
or
policy-map global_policy
 class inspection_default
  inspect pptp

0
 
LVL 1

Expert Comment

by:Computer101
ID: 20286670
Forced accept.

Computer101
EE Admin
0

Featured Post

Why Off-Site Backups Are The Only Way To Go

You are probably backing up your data—but how and where? Ransomware is on the rise and there are variants that specifically target backups. Read on to discover why off-site is the way to go.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Suggested Courses

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question