Home
Certification Preparation
Cisco
CCNP
CCNP Security
GRE over IPSec ACL question
Bosefus
In all the GRE over IPSec configuration guides I seem to find, they recommend using the following ACL
access-list 120 permit gre host 14.38.88.10 host 14.36.88.6
Where source is outside local and destination is outside remote.
Is the ACL used to specify what traffic to encrypt? If so wont this mean that not all traffic will be encrypted?
Thanks
Find more posts tagged with
Comments
Ahriakin
It will encrypt whatever you have already encapsulated inside GRE. So if those IPs mark your GRE tunnel endpoints then you ultimately control what actual data is being encrypted by deciding what will go through the GRE tunneling process pre-IPSec.
Bosefus
Makes sense, thank you for your reply.
Quick Links
All Categories
Recent Posts
Activity
Unanswered
Groups
Best Of
