Message Image

Skip main navigation (Press Enter).

SRX

last person joined: yesterday

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

Back to discussions

Expand all | Collapse all

GRE over IPSEC to a cisco

MFB02-14-2017 07:09

Hi, Can anyone confirm if the following solution works or what is the required configuration to ...

rsuraj02-14-2017 20:27

This configuration looks good and many customers use similar setup (GRE over IPSec). Let me know if ...

spuluka02-21-2017 05:18

It has been a while but I've used this type of configuration for compatibility and it does work. ...

1. GRE over IPSEC to a cisco

0 Recommend
MFB
Posted 02-14-2017 07:09

Reply Reply Privately
Hi,

Can anyone confirm if the following solution works or what is the required configuration to get this working. On the cisco side they are using GRE encrypted inside ipsec, but the way it works is defrently from how juniper does it, where you have to route the GRE over the ipsec tunnel. Please see below:

https://overlaid.net/2014/02/01/juniper-cisco-gre-ipsec-with-ospf/
2. RE: GRE over IPSEC to a cisco

0 Recommend
rsuraj
Posted 02-14-2017 20:27

Reply Reply Privately
This configuration looks good and many customers use similar setup (GRE over IPSec). Let me know if you are worried/suspecious about any specific part of the configuration and need clarification.
3. RE: GRE over IPSEC to a cisco

0 Recommend
spuluka
Posted 02-21-2017 05:18

Reply Reply Privately
It has been a while but I've used this type of configuration for compatibility and it does work.

In a Juniper to Juniper connection you don't need the GRE tunnel but can use a route based VPN and make those OSPF or other connections directly across the tunnel via the tunnel interfaces themselves.

My recollection is that when connecting to Cisco for these types of peers the GRE encapsulation over the VPN is required for the multicast traffic to work as expected.

Powered by Higher Logic