Configuring the Cisco VPN 5000 and a Router to Open a GRE Tunnel
Available Languages
Contents
Introduction
This document provides an overview of the configuration required to allow a Cisco router running Cisco IOS® software and a Cisco VPN 5000 Series Concentrator to open a Generic Routing Encapsulation (GRE) tunnel.
Prerequisites
Requirements
There are no specific requirements for this document.
Components Used
The information in this document is based on these software and hardware versions:
-
Cisco IOS Software Release 12.0(7)T
-
Cisco VPN 5000 Concentrator software version 5.2.19US
-
Cisco VPN 5002 Concentrator
The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.
Conventions
For more information on document conventions, refer to Cisco Technical Tips Conventions.
Configure
In this section, you are presented with the information to configure the features described in this document.
Note: To find additional information on the commands used in this document, use the Command Lookup Tool (registered customers only) .
Network Diagram
This document uses the network setup shown in this diagram.
Configurations
This document uses the configurations shown here.
| Cisco VPN 5002 Concentrator |
|---|
[ General ] IPSecGateway = 200.1.1.2 DeviceName = "omar5002" EthernetAddress = 00:00:a5: e9:c8:00 DeviceType = VPN 5002/8 Concentrator ConfiguredOn = Timeserver not configured ConfiguredFrom = Command Line, from Console EnablePassword = Password = [ IP Ethernet 1:0 ] Mode = Routed SubnetMask = 255.255.255.0 IPAddress = 200.1.1.1 [ IP Ethernet 0:0 ] Mode = Routed SubnetMask = 255.255.255.0 IPAddress = 10.10.10.1 [ Tunnel Partner VPN 1 ] EncryptMethod = None Encryption = Off Authentication = Off KeyManage = Manual Mode = Main Partner = 100.1.1.1 LocalAccess = "10.10.10.0/24" BindTo = "ethernet1:0" Peer = "20.20.20.0/24" [ IP Static ] 20.20.20.0 255.255.255.0 vpn 1 1 [ IP VPN 1 ] Numbered = Off Mode = Routed Configuration size is 1107 out of 65500 bytes. omar5002# |
| Router Running Cisco IOS Software |
|---|
Router Configuration: Router#show running-config Building configuration... Current configuration: ! version 12.0 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Router ! ! ip subnet-zero ! ! ! interface Tunnel0 ip unnumbered Ethernet1 no ip directed-broadcast tunnel source 100.1.1.1 tunnel destination 200.1.1.1 ! interface Ethernet0 ip address 100.1.1.1 255.255.255.0 no ip directed-broadcast ! interface Ethernet1 ip address 20.20.20.1 255.255.255.0 no ip directed-broadcast ! ! ip classless ip route 0.0.0.0 0.0.0.0 100.1.1.2 1 ip route 10.10.10.0 255.255.255.0 Tunnel0 no ip http server ! ! line con 0 transport input none line aux 0 line vty 0 4 login ! end |
Verify
This section provides information you can use to confirm your configuration is working properly.
Certain show commands are supported by the Output Interpreter Tool (registered customers only) , which allows you to view an analysis of show command output.
-
show vpn statistics verbose —Provides detailed tunnel information.
-
show interface—Provides interface statistics.
This is sample command output of the show vpn statistics verbose taken from the Cisco VPN 5002 Concentrator.
omar5002#show vpn statistic verbose Current In High Running Tunnel Tunnel Tunnel Active Negot Water Total Starts OK Error -------------------------------------------------------------- Users 0 0 0 0 0 0 0 Partners 1 0 1 1 0 0 0 Total 1 0 1 1 0 0 0 Stats VPN0:1 Wrapped 697 Unwrapped 697 BadEncap 0 BadAuth 0 BadEncrypt 0 rx IP 718 rx IPX 0 rx Other 0 tx IP 734 tx IPX 0 tx Other 0 IKE rekey 0 Input VPN pkts dropped due to no SA: 0 Input VPN pkts dropped due to no free queue entries: 0 ISAKMP Negotiation stats Admin packets in 0 Fastswitch packets in 0 No cookie found 0 Can't insert cookie 0 Inserted cookie(L) 0 Inserted cookie(R) 0 Cookie not inserted(L) 0 Cookie not inserted(R) 0 Cookie conn changed 0 Cookie already inserted 0 Deleted cookie(L) 0 Deleted cookie(R) 0 Cookie not deleted(L) 0 Cookie not deleted(R) 0 Forwarded to RP 0 Forwarded to IOP 0 Bad UDP checksum 0 Not fastswitched 0
This is sample command output of the show interface command taken from the router.
Router#show interface tunnel 0 Tunnel0 is up, line protocol is up Hardware is Tunnel Interface is unnumbered. Using address of Ethernet1 (20.20.20.1) MTU 1476 bytes, BW 9 Kbit, DLY 500000 usec, reliability 255/255, txload 55/255, rxload 113/255 Encapsulation TUNNEL, loopback not set Keepalive set (10 sec) Tunnel source 100.1.1.1, destination 200.1.1.1 Tunnel protocol/transport GRE/IP, key disabled, sequencing disabled Checksumming of packets disabled, fast tunneling enabled Last input 00:00:15, output 00:00:15, output hang never Last clearing of "show interface" counters never Queueing strategy: fifo Output queue 0/0, 1 drops; input queue 0/75, 0 drops 5 minute input rate 4000 bits/sec, 5 packets/sec 5 minute output rate 11000 bits/sec, 5 packets/sec 1309 packets input, 129264 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 1348 packets output, 316468 bytes, 0 underruns 0 output errors, 0 collisions, 0 interface resets 0 output buffer failures, 0 output buffers swapped out Router#
Troubleshoot
There is currently no specific troubleshooting information available for this configuration.
Related Information
Revision History
| Revision | Publish Date | Comments |
|---|---|---|
1.0 |
10-Sep-2001 |
Initial Release |
Feedback