Hi, Joe There is a sligt difference between A and B. Could you share some insights as well?
Thanks Michael -----Original Message----- From: Joe Deleonardo [mailto:[EMAIL PROTECTED] Sent: Sunday, July 06, 2003 5:17 PM To: Michael Jia; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: GRE with IPsec I don't have a source. But, it's really very simple all you do is apply the crypto map to the tunnel interface AND the physical interface between the two devices. Then add an ACL: access-l 100 permit gre host host You do that on each device of course. And then the rest of it is just a standard VPN config. Cheers, Joseph ----- Original Message ----- From: "Michael Jia" To: ; Sent: Sunday, July 06, 2003 2:56 PM Subject: GRE with IPsec > Hi, > > Anyone has good reference doc about GRE with Ipsec . > > I am a little confused about 2 flavors of crypto ACL used: > A) permit ip > B) permit gre any any > > It seems option A is encry first then GRE encap, while option B is > encap first then encrypt. > > Is there a good ref about these setups? > > > Thanks > Michael Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=71965&t=71965 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
