#1
September 3rd, 2015, 11:23 AM
| |||
| |||
Srx gre ipsec
I am networking student and I am trying to configure GRE over IPsec [SRX 240] and check interoperability with Cisco router. Can anyone guide me in this or else tell me from where I get this detail also tell me how to configure GRE over IPsec on SRX devices?
|
#2
February 25th, 2020, 07:56 PM
| |||
| |||
Re: Srx gre ipsec
I am engineering student and searching for details about the SRX GRE IPSEC. Will you provide me details about the SRX GRE IPSEC and also tell details about the GRE addressing?
|
#3
February 25th, 2020, 07:56 PM
| |||
| |||
Re: Srx gre ipsec
The primary use of GRE is to carry non-IP packets via an IP network, with the original IP header buried inside the GRE header (GRE is also used to carry IP packets via an IP cloud). Juniper SRX cann't to terminate GRE and IPSEC with one interface. They will use lo interface for GRE termination. Addressing Juniper SRX: GLOBAL IP: 217.9.80.22 Lo IP: 172.31.254.1 Gre IP: 192.168.254.0 Cisco 1841: GLOBAL IP: 91.208.39.30 Lo IP: 172.31.254.2 Gre IP: 192.168.254.1 IKE policy: encryption: aes128 hash: sha1 Diffie-Hellman group: 5 pre shared key: test IPSEC policy: encryption: aes128 hash: hmac_sha1 Diffie-Hellman group: 5 VPN - tunnel mode esp Basic Configuration Example The basic procedure is as follows: Configure a route-based IPsec tunnel. For more information, refer to TN108. Configure the GRE tunnel. For more information, refer to KB19371 - [SRX] GRE Configuration Example. Configure a static route with the destination as the remote subnet via the GR interface. Configure the static route for the GRE endpoint with the st0 interface as the next-hop. |