GRE

欢迎您访问我爱IT技术网，今天小编为你分享的电脑教程是网络协议方面的经验知识教程：GRE，下面是详细的分享！

GRE

拓扑：

由于IPsec不支持组播（IPsec的peer可以不在一个网段），所以分公司R1与R2路由无法更新，导致内网互相不能通信。用GRE over IPsec可以解决。

配置
R1：
crypto isakmp policy 1
encr 3des
authentication pre-share
crypto isakmp key cisco address 10.1.1.2
crypto ipsec transform-set ccmc esp-3des esp-md5-hmac
crypto map cnc 1 ipsec-isakmp
set peer 10.1.1.2
set transform-set ccmc
match address 100
interface Loopback1
ip address 1.1.1.1 255.255.255.255
interface Tunnel0
ip address 10.1.1.1 255.255.255.0
tunnel source 12.1.1.1
tunnel destination 12.1.2.2
interface Serial0/0
ip address 12.1.1.1 255.255.255.0
serial restart-delay 0
crypto map cnc
router eigrp 1
network 1.1.1.1 0.0.0.0
network 10.1.1.0 0.0.0.255
auto-summary
router ospf 1
log-adjacency-changes
network 12.1.1.0 0.0.0.255 area 0

access-list 100 permit ip 1.1.1.0 0.0.0.255 2.2.2.0 0.0.0.255
R3：
interface Serial0/0
ip address 12.1.1.2 255.255.255.0
serial restart-delay 0
interface Serial0/1
ip address 12.1.2.1 255.255.255.0
serial restart-delay 0
router ospf 1
log-adjacency-changes
network 12.1.1.0 0.0.0.255 area 0
network 12.1.2.0 0.0.0.255 area 0

R2：
crypto isakmp policy 1
encr 3des
authentication pre-share
crypto isakmp key cisco address 10.1.1.1
crypto ipsec transform-set 123 esp-3des esp-md5-hmac
crypto map 321 1 ipsec-isakmp
set peer 10.1.1.1
set transform-set 123
match address 100
interface Loopback1
ip address 2.2.2.2 255.255.255.255
interface Tunnel0
ip address 10.1.1.2 255.255.255.0
tunnel source 12.1.2.2
tunnel destination 12.1.1.1
interface Serial0/0
ip address 12.1.2.2 255.255.255.0
serial restart-delay 0
crypto map 321
router eigrp 1
network 2.2.2.2 0.0.0.0
network 10.1.1.0 0.0.0.255
network 12.1.2.0 0.0.0.255
auto-summary
router ospf 1
log-adjacency-changes
network 12.1.2.0 0.0.0.255 area 0
access-list 100 permit ip 2.2.2.0 0.0.0.255 1.1.1.0 0.0.0.255

以上就是关于GRE的网络协议知识分享，更多电脑教程请移步到>>电脑教程。