We're Sorry, Full Content Access is for Members Only...

If you like to keep on reading, Become a Member Now! Here is why:

  • Learn any CCNA, CCNP and CCIE R&S Topic. Explained As Simple As Possible.
  • Try for Just $1. The Best Dollar You've Ever Spent on Your Cisco Career!
  • Full Access to our 644 Lessons. More Lessons Added Every Week!
  • Content created by Rene Molenaar (CCIE #41726)

492 Sign Ups in the last 30 days

satisfaction-guaranteed
100% Satisfaction Guaranteed!
You may cancel your monthly membership at any time.
No Questions Asked!

Tags: ,


Forum Replies

  1. Not quite, I meant like this:

    You have to create a virtual tunnel interface and use an unnumbered IP.

  2. Hello Yuta

    So to reiterate, the tunnel mode ipsec ipv4 command configures the encapsulation. What does that mean? It may help to take a look at what we mean when we say encapsulation.

    Now there is the option that I spoke about before, where you can use the following commands:

    tunnel mode gre
    tunnel protection ipsec profile profile_name
    

    and the tunnel would be encrypted. This is because the first command deals with encapsulation while the second deals with the encryption.

    Now if the commands are as follows:

    tunnel mode ipsec ipv4
    tunnel protection ipsec pro
    ... Continue reading in our forum

  3. Hi Laz,

    Thank you for the explanation.
    Please correct me if I am misunderstanding here. If the encapsulation is ipsec, then it means encrypting the original packets twice one with “tunel mode ipsec ipv4” and then “tunnel protection” command for second encryption while if we choose to use gre as encapsulation encryption is done on the whole gre and original packets?

    Also would you please teach me how to decide which encapsulation type we should be using?

    Regards,

    Yuta

  4. Hello Yuta

    IPSec functions in two modes. Tunnel mode and transport mode. Tunnel mode is when IPSec is the protocol that is used for tunneling and for encapsulation. This is the case when we configure the following:

    tunnel mode ipsec ipv4
    tunnel protection ipsec profile profile_name
    

    where the profile as shown in the lesson chooses to use the tunnel mode for IPSec.

    Whenever you choosetunnel mode ipsec ipv4 it is necessary to include the type of encapsulation mechanisms that you will use by indicating the tunnel protection command as well. These two commands t

    ... Continue reading in our forum

15 more replies! Ask a question or join the discussion by visiting our Community Forum