Vpn creation by connecting discontinuous subnets, Gre-ipsec tunnel application, Protocols and standards – H3C Technologies H3C S12500 Series Switches User Manual

Page 240: Configuring a gre over ipv4 tunnel, Configuration guidelines

Advertising
background image

226

VPN creation by connecting discontinuous subnets

Figure 98 Connect discontinuous subnets with a tunnel to form a VPN

In the example as shown in

Figure 98

, Group 1 and Group 2 running Novell IPX are deployed in different

cities. They can constitute a trans-WAN virtual private network (VPN) through the tunnel.

GRE-IPsec tunnel application

Figure 99 GRE-IPsec tunnel application

GRE can work with IPsec, allowing data packets like routing protocol, voice, and video packets to be

encapsulated by GRE and then encrypted by IPsec to improve security of data transmission in a tunnel.

Protocols and standards

RFC 1701, Generic Routing Encapsulation (GRE)

RFC 1702, Generic Routing Encapsulation over IPv4 networks

RFC 2784, Generic Routing Encapsulation (GRE)

Configuring a GRE over IPv4 tunnel

Configuration guidelines

The source address and destination address of a tunnel uniquely identify a path. They must be

configured at both ends of the tunnel and the source address at one end must be the destination
address at the other end and vice versa.

Tunnel interfaces using the same encapsulation protocol must have different source addresses and
destination addresses.

Advertising
This manual is related to the following products:

H3C S9500E Series Switches, H3C MSR 5600, H3C MSR 50, H3C MSR 3600, H3C MSR 30, H3C MSR 2600, H3C MSR 20-2X[40], H3C MSR 20-1X, H3C MSR 930, H3C MSR 900, H3C SecPath F5020, H3C SecPath F5040, H3C VMSG VFW1000

Popular Brands
Popular manuals