We're Sorry, Full Content Access is for Members Only...

If you like to keep on reading, Become a Member Now! Here is Why:

  • Learn any CCNA, CCNP and CCIE R&S Topic. Explained As Simple As Possible.
  • Try for Just $1. The Best Dollar You've Ever Spent on Your Cisco Career!
  • Full Access to our 625 Lessons. More Lessons Added Every Week!
  • Content created by Rene Molenaar (CCIE #41726)


405 New Members signed up the last 30 days!


100% Satisfaction Guaranteed!
You may cancel your monthly membership at any time.
No Questions Asked!

Tags: ,

Forum Replies

  1. In my lab , GNS3, running the command “tunnel mode ipsec ipv4” actually breaks VTI. I am unable to pass traffic . Once i remove that piece and keep the tunnel protection command then my VPN comes up. Do you know why?

    I am running C7200-ADVENTERPRISEK9-M code.

    Running a packet capture i see that traffic is indeed encrypted (ESP) over my “wan”.

  2. Hi Rene
    If i have 3 routers and like A B C and i want to create IPsec Virtual Tunnel Interface between A and C. As i see your configuration.

    R2(config-if)# tunnel source
    R2(config-if)# tunnel destination

    In my case I have router B in the middle so tunnel source and tunnel destination will not be in the same network. Is it ok about that ?
    Thank u.

  3. Not quite, I meant like this:

    You have to create a virtual tunnel interface and use an unnumbered IP.

  4. Hello Yuta

    IPSec functions in two modes. Tunnel mode and transport mode. Tunnel mode is when IPSec is the protocol that is used for tunneling and for encapsulation. This is the case when we configure the following:

    tunnel mode ipsec ipv4
    tunnel protection ipsec profile profile_name

    where the profile as shown in the lesson chooses to use the tunnel mode for IPSec.

    Whenever you choosetunnel mode ipsec ipv4 it is necessary to include the type of encapsulation mechanisms that you will use by indicating the tunnel protection command as well. These two commands t

    ... Continue reading in our forum

11 more replies! Ask a question or join the discussion by visiting our Community Forum