Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

VPN VTI vs GRE

Posted on 2014-04-28
2
1,945 Views
Last Modified: 2014-04-29
How do I know if my config is a VPN VTI or GRE config? The reason I ask is because it looks like my crypto config is VTI. But the ACL is for GRE instead of IP:

ip access-list extended vpn100
permit gre host 5.9.3.1 host 18.7.69.10

 
Below is my partial vpn config:

crypto isakmp policy 10
encr 3de
authentication pre-share
group 2

crypto isakmp key cisco123 address 18.7.69.10 no-xauth
!
crypto ipsec transform-set vpn-transformset esp-3des esp-sha-hmac
!
crypto map vpn-map 10 ipsec-isakmp
set peer 18.7.69.10
set transform-set vpn-transformset
match address vpn100

 Thank you for any inputs.
0
Comment
Question by:leblanc
2 Comments
 
LVL 32

Accepted Solution

by:
harbor235 earned 250 total points
ID: 40029428
Here is a good link pointing out advantages of VTI:

https://supportforums.cisco.com/blog/149426/advantages-vti-configuration-ipsec-tunnels


harbor235 ;}
0
 
LVL 22

Assisted Solution

by:Jody Lemoine
Jody Lemoine earned 250 total points
ID: 40030917
You're definitely not using VTI in this configuration. VTI doesn't use crypto maps, but assigns an IPSec policy to the tunnel interface instead. Based on the partial configuration provided, you should have a tunnel interface with a default encapsulation (GRE) and a destination of 18.7.69.10.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question