|
Question : GRE tunnel on Cisco 2600
|
|
Im not very familiar with GRE tunnels and I need to create one on an existing network. My topology is very basic: ISP>Router>outside switch>Pix 515E>inside switch>LAN.
Im using only one interface on the 2600 router. I want to create a GRE tunnel on that same interface to a lab server. I know the IP address that I want to come through the tunnel but Im not sure how to configure the router to pass only traffic from that IP address through the tunnel without affecting normal traffic flow. Any suggestions will be appreciated.
|
Answer : GRE tunnel on Cisco 2600
|
|
The something like this on their router:
interface tunnel0
ip address a.b.c.d 255.255.255.252
source-interface Ethernet0
tunnel destination 1.2.3.4 <== your public IP on your router
ip route x.y.z.33 255.255.255.255 tunnel0 <== your lab server IP
On your router, just the opposite
interface tunnel0
ip address a.b.c.e 255.255.255.252
source-interface Ethernet0
tunnel destination 5.6.7.8 <== public IP on their router
ip route 10.10.10.0 255.255.255.0 tunnel0 <== their internal ip subnet
Now, you have to decide how you want this traffic to come in/out of the PIX
access-list outside_in permit ip 10.10.10.0 255.255.255.0 host 192.168.155.110
access-list conditional_nat permit ip 192.168.155.110 10.10.10.0 255.255.255.0
nat (inside) 20 access-list conditional_nat
global (outside) 20 1.2.3.6
access-group outside_in in interface outside
|
|
|
|
