Case Number | K13112422 |
Title | Cannot establish LAN-to-LAN IPSec/GRE tunnel - Added GRE to existing IPSec tunnel |
Core issue | No crypto debugs appear when trying to initiate the tunnel. IPSec worked before adding generic routing encapsulation (GRE) to the configuration. |
Resolution | To add GRE to a working IPSec configuration, follow these steps.
int tunnel ip address private_ip subnet_mask tunnel source outside_interface_name tunnel destination peer_address
access-list acl_name permit gre host tunnel_source_ip host peer_address
For more information, including a sample configuration, see Configuring Router-to-Router IPSec (Pre-shared Keys) on GRE Tunnel with CBAC and NAT. |
Problem Type | Connectivity |
Product Family | Routers |
Cisco IOS Software Version | 12.0, 12.1, 12.2 |
VPN Tunnel End Points | Router |
Protocol / Ports | Generic routing encapsulation (GRE) |
VPN Protocols | IPSec |
VPN Tunnel Initialization | IPSec session is not established |