Options
GRE over IPSec ACL question
Bosefus
Member Posts: 67 ■■□□□□□□□□
In all the GRE over IPSec configuration guides I seem to find, they recommend using the following ACL
access-list 120 permit gre host 14.38.88.10 host 14.36.88.6
Where source is outside local and destination is outside remote.
Is the ACL used to specify what traffic to encrypt? If so wont this mean that not all traffic will be encrypted?
Thanks
access-list 120 permit gre host 14.38.88.10 host 14.36.88.6
Where source is outside local and destination is outside remote.
Is the ACL used to specify what traffic to encrypt? If so wont this mean that not all traffic will be encrypted?
Thanks
Working on CCNP, passed BSCI, Currently working on ONT.
Comments
-
Options
Ahriakin
Member Posts: 1,799 ■■■■■■■■□□
It will encrypt whatever you have already encapsulated inside GRE. So if those IPs mark your GRE tunnel endpoints then you ultimately control what actual data is being encrypted by deciding what will go through the GRE tunneling process pre-IPSec.We responded to the Year 2000 issue with "Y2K" solutions...isn't this the kind of thinking that got us into trouble in the first place? -
OptionsBosefus
Member Posts: 67 ■■□□□□□□□□
Makes sense, thank you for your reply.Working on CCNP, passed BSCI, Currently working on ONT.