This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

ASTARO to CISCO GRE tunnel

Hi,

I'm trying to build a vpn tunnel ASTARO to CISCO. I did the following:

ASTARO side:
iptunnel add tun0 mode gre remote xx.xx.xx.xx local yy.yy.yy.yy ttl 255
ifconfig tun0 inet 172.16.8.2 netmask 255.255.255.0
ifconfig tun0 up

CISCO side:
interface Tunnel0
ip address 172.16.8.1 255.255.255.0
tunnel source xx.xx.xx.xx
tunnel destination yy.yy.yy.yy

It should be as simple as this, but it doesn't work.

Has anyone done this?

Thanks

This thread was automatically locked due to age.

Parents

0 da_merlin over 11 years ago

Your CLI command works for we connection to ASGs with GRE.

Do you setup packetfilter rules on ASG, allowing protocol 47?
You must create two rules, one with Interface Address object as Source
and one with Interface Address object as Destination. This will create the necessary USR_INPUT and USR_OUTPUT rules. Otherwise the rules are put in USR_FORWARD if you choose ANY or a custom created network definition.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 da_merlin over 11 years ago

Your CLI command works for we connection to ASGs with GRE.

Do you setup packetfilter rules on ASG, allowing protocol 47?
You must create two rules, one with Interface Address object as Source
and one with Interface Address object as Destination. This will create the necessary USR_INPUT and USR_OUTPUT rules. Otherwise the rules are put in USR_FORWARD if you choose ANY or a custom created network definition.
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data