?
Solved

VPN VTI vs GRE

Posted on 2014-04-28
2
Medium Priority
?
2,230 Views
Last Modified: 2014-04-29
How do I know if my config is a VPN VTI or GRE config? The reason I ask is because it looks like my crypto config is VTI. But the ACL is for GRE instead of IP:

ip access-list extended vpn100
permit gre host 5.9.3.1 host 18.7.69.10

 
Below is my partial vpn config:

crypto isakmp policy 10
encr 3de
authentication pre-share
group 2

crypto isakmp key cisco123 address 18.7.69.10 no-xauth
!
crypto ipsec transform-set vpn-transformset esp-3des esp-sha-hmac
!
crypto map vpn-map 10 ipsec-isakmp
set peer 18.7.69.10
set transform-set vpn-transformset
match address vpn100

 Thank you for any inputs.
0
Comment
Question by:leblanc
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 32

Accepted Solution

by:
harbor235 earned 1000 total points
ID: 40029428
Here is a good link pointing out advantages of VTI:

https://supportforums.cisco.com/blog/149426/advantages-vti-configuration-ipsec-tunnels


harbor235 ;}
0
 
LVL 22

Assisted Solution

by:Jody Lemoine
Jody Lemoine earned 1000 total points
ID: 40030917
You're definitely not using VTI in this configuration. VTI doesn't use crypto maps, but assigns an IPSec policy to the tunnel interface instead. Based on the partial configuration provided, you should have a tunnel interface with a default encapsulation (GRE) and a destination of 18.7.69.10.
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
Originally, this post was published on Monitis Blog, you can check it here . It goes without saying that technology has transformed society and the very nature of how we live, work, and communicate in ways that would’ve been incomprehensible 5 ye…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Suggested Courses

801 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question