Got an Interesting Question Today

10Linefigure10Linefigure CCNP R&S, Security+USAPosts: 368Member ■■■□□□□□□□
Hello Everyone!

I was as an interesting question today. Can you use keepalives on encrypted GRE tunnels. My first thought was "yea of course". But when they walked away I started searching and am quite confused now.

1. "Note: GRE keepalives are not supported together with IPsec tunnel protection under any circumstances. This document discusses this issue." source: https://www.cisco.com/c/en/us/support/docs/ip/generic-routing-encapsulation-gre/118370-technote-gre-00.html

2. "When GRE is used with IPsec, the keepalives are encrypted like any other traffic" Source: https://www.cisco.com/c/en/us/td/docs/ios/12_2sb/feature/guide/sb_gretk.html < this one is along the lines of my initial response.

Note: The 2nd option is from 2006. And the first from 2017. Trust the newer documentation?

Can someone help me make sense of this please :)
CCNP R&S, Security+
B.S. Geography - Business Minor
MicroMasters - CyberSecurity
Professional Certificate - IT Project Management

Comments

  • cratermancraterman ■□□□□□□□□□ Posts: 12Member ■□□□□□□□□□
    I think if you use IOS 12 then you should trust to old document. I think if you use IOS 15 or any IOS XE then you should trust to new document. But as practice shows, it's better to check this in real environment.
Sign In or Register to comment.