Solved

VPN VTI vs GRE

Posted on 2014-04-28
2
2,014 Views
Last Modified: 2014-04-29
How do I know if my config is a VPN VTI or GRE config? The reason I ask is because it looks like my crypto config is VTI. But the ACL is for GRE instead of IP:

ip access-list extended vpn100
permit gre host 5.9.3.1 host 18.7.69.10

 
Below is my partial vpn config:

crypto isakmp policy 10
encr 3de
authentication pre-share
group 2

crypto isakmp key cisco123 address 18.7.69.10 no-xauth
!
crypto ipsec transform-set vpn-transformset esp-3des esp-sha-hmac
!
crypto map vpn-map 10 ipsec-isakmp
set peer 18.7.69.10
set transform-set vpn-transformset
match address vpn100

 Thank you for any inputs.
0
Comment
Question by:leblanc
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 32

Accepted Solution

by:
harbor235 earned 250 total points
ID: 40029428
Here is a good link pointing out advantages of VTI:

https://supportforums.cisco.com/blog/149426/advantages-vti-configuration-ipsec-tunnels


harbor235 ;}
0
 
LVL 22

Assisted Solution

by:Jody Lemoine
Jody Lemoine earned 250 total points
ID: 40030917
You're definitely not using VTI in this configuration. VTI doesn't use crypto maps, but assigns an IPSec policy to the tunnel interface instead. Based on the partial configuration provided, you should have a tunnel interface with a default encapsulation (GRE) and a destination of 18.7.69.10.
0

Featured Post

Save the day with this special offer from ATEN!

Save 30% on the CV211 using promo code EXPERTS30 now through April 30th. The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
VLAN CONFIGURATION 2 61
software inventory tools 3 68
asset tags - importance 3 57
Problems with VPN 4 27
In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question