GRE over IP VPN Tunnel in Packet Tracer

GRE VPN Tunnel Overview

In this Packet Tracer 6.1 activity you configure a Generic Routing Encapsulation (GRE) over IP VPN tunnel. VPN tunnels are now part of the CCNA certification exam. VPN tunnels allow geographically separate private local area networks to be connected to each other across public wide area networks. In this way, a company or organization can have separate office networks virtually connected to each other across the public internet. Private local area networks connected by a tunnel across the internet have complete transparency to each other and are able to take advantage of all local area network resources as if they were locally available. In VPN Tunnels private networks are able to communicate across the public internet because all private network addressing and header information is not visible to public internet routers. The routers on the public internet do not have knowledge of the the private networks communicating across the internet. Unlike IPSec or OpenVPN tunnels, a GRE tunnel does not provide security or encryption by itself and therefore would not be a recommended method of creating a VPN tunnel across the internet if security or privacy is an important concern.

Instructions

In this Packet Tracer 6.1 activity you do not need to configure R2, and the PCs. R1 and R3 have G0/0, G0/1, and default routes already configured

1. Create a GRE VPN tunnel from the R1 LAN 192.168.1.0/24 to the R3 LAN 192.168.3.0/24
2. Configure Tunnel0 192.168.2.0/24
R1-192.168.2.1
R3-192.168.2.2
3. Use static routes on R1 and R3 (next hop address) to route traffic across tunnel0
4. You are successful when you can ping from PC-A to PC-C and vide versa

Download

GREoverIP_tunnel.zip

 Note: This Packet Tracer activity requires Packet Tracer version 6.1 minimum.

Video Walkthrough Tutorial

 

CLI Command Examples

R1(config)# int tunnel 0
R1(config-if)# ip address 192.168.2.1 255.255.255.0
R1(config-if)# tunnel source g0/1
R1(config-if)# tunnel destination 201.150.200.6
R1(config-if)# tunnel mode gre ip
R1(config-if)# exit
R1(config)# ip route 192.168.3.0 255.255.255.0 192.168.2.2

R3(config)# int tunnel 0
R3(config-if)# ip address 192.168.2.2 255.255.255.0
R3(config-if)# tunnel source g0/1
R3(config-if)# tunnel destination 201.150.200.1
R3(config-if)# tunnel mode gre ip
R3(config-if)# exit
R3(config)# ip route 192.168.1.0 255.255.255.0 192.168.2.1

Author: Dan

Dan teaches computer networking and security classes at Central Oregon Community College.

Leave a Reply

Your email address will not be published. Required fields are marked *