GRE and IPsec tunnels

What is GRE??? Is GRE and IPsec the same, how do they work together.

Any information will be appreciated

Reply to
Loading thread data ...

GRE (Generic Routing Encapsulation) is a protocol which allows you to carry different protocols (IP, IPX, DEC net, etc.) over IP. This is done by encapulating the entire packet in an IP packet for transmission over an IP network, and then removing the encapsulation at the other end.

IPSec is a protocol that's designed to protect individual TCP/IP packets traveling across a network by using public key encryption.

By combining the 2 protocols you can encapsulate traffic in GRE tunnel and then encrypt these packets for transmission over an insecure medium such as the internet. To the networks at each end of the tunnel the connection between the 2 looks like a point-to-point connection.


Reply to
Buzz Lightbeer

Are they the same - NO

GRE is a tunneling protocol that was originally developed by Cisco, and it can do a few more things than IP-in-IP tunneling. For example, you can also transport multicast traffic and IPv6 through a GRE tunnel.

see RFC 2784 for technical details.

The GRE protocol does not encypted traffic carried over a tunnel.

IPSEC is encrypted IP

How to they work together - one good example is how to cary routing protocols like EIGRP or OSPF over an ISEC VPN tunnel. IPSEC only support unicast traffic and EIGRP and OSPF use multicast destintion IP addresses.

So GRE is used with IPSEC to accomplish this feat - see Cisco doc

formatting link

Reply to
Merv Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.