Improve company productivity with a Business Account.Sign Up

x
?
Solved

VPN VTI vs GRE

Posted on 2014-04-28
2
Medium Priority
?
2,662 Views
Last Modified: 2014-04-29
How do I know if my config is a VPN VTI or GRE config? The reason I ask is because it looks like my crypto config is VTI. But the ACL is for GRE instead of IP:

ip access-list extended vpn100
permit gre host 5.9.3.1 host 18.7.69.10

 
Below is my partial vpn config:

crypto isakmp policy 10
encr 3de
authentication pre-share
group 2

crypto isakmp key cisco123 address 18.7.69.10 no-xauth
!
crypto ipsec transform-set vpn-transformset esp-3des esp-sha-hmac
!
crypto map vpn-map 10 ipsec-isakmp
set peer 18.7.69.10
set transform-set vpn-transformset
match address vpn100

 Thank you for any inputs.
0
Comment
Question by:leblanc
2 Comments
 
LVL 32

Accepted Solution

by:
harbor235 earned 1000 total points
ID: 40029428
Here is a good link pointing out advantages of VTI:

https://supportforums.cisco.com/blog/149426/advantages-vti-configuration-ipsec-tunnels


harbor235 ;}
0
 
LVL 22

Assisted Solution

by:Jody Lemoine
Jody Lemoine earned 1000 total points
ID: 40030917
You're definitely not using VTI in this configuration. VTI doesn't use crypto maps, but assigns an IPSec policy to the tunnel interface instead. Based on the partial configuration provided, you should have a tunnel interface with a default encapsulation (GRE) and a destination of 18.7.69.10.
0

Featured Post

What Kind of Coding Program is Right for You?

There are many ways to learn to code these days. From coding bootcamps like Flatiron School to online courses to totally free beginner resources. The best way to learn to code depends on many factors, but the most important one is you. See what course is best for you.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

LinkedIn blogging is great for networking, building up an audience, and expanding your influence as well. However, if you want to achieve these results, you need to work really hard to make your post worth liking and sharing. Here are 4 tips that ca…
In short, I will be giving a guide on how to install UNMS on a virtual machine in hyper-v and change the default port for security (you don’t need to have a server, since Windows 10 supports hyper-v)
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

606 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question