EasyManuals Logo
Home>Digi>Network Router>Connect IT 4

Digi Connect IT 4 User Manual

Digi Connect IT 4
964 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #418 background imageLoading...
Page #418 background image
Virtual Private Networks (VPN) Generic Routing Encapsulation (GRE)
Digi Connect IT® 4 User Guide
418
Example: GRE tunnel over an IPSec tunnel
The Connect IT 4 device can be configured as an advertised set of routes through an IPSec tunnel. This
allows you to leverage the dynamic route advertisement of GRE tunnels through a secured IPSec
tunnel.
The example configuration provides instructions for configuring the Connect IT 4 device with a
GREtunnel through IPsec.
Connect IT 4-1 configuration tasks
1. Create an IPsec tunnel named ipsec_gre1 with:
n A pre-shared key.
n Remote endpoint set to the public IP address of the Connect IT 4-2 device.
n A policy with:
l Local network set to the IP address and subnet of the local GRE tunnel,
172.30.0.1/32.
l Remote network set to the IP address and subnet of the remote GRE tunnel,
172.30.0.2/32.
2. Create an IPsec endpoint interface named ipsec_endpoint1:
a. Zone set to Internal.
b. Device set to Ethernet: Loopback.
c. IPv4 Address set to the IP address of the local GRE tunnel, 172.30.0.1/32.
3. Create a GRE tunnel named gre_tunnel1:
a. Local endpoint set to the IPsec endpoint interface, Interface: ipsec_endpoint1.
b. Remote endpoint set to the IP address of the GRE tunnel on Connect IT 4-2, 172.30.0.2.
4. Create an interface named gre_interface1 and add it to the GRE tunnel:
a. Zone set to Internal.
b. Device set to IP tunnel: gre_tunnel1.
c. IPv4 Address set to a virtual IP address on the GRE tunnel, 172.31.0.1/30.
Connect IT 4-2 configuration tasks
1. Create an IPsec tunnel named ipsec_gre2 with:
n The same pre-shared key as the ipsec_gre1 tunnel on Connect IT 4-1.
n Remote endpoint set to the public IP address of Connect IT 4-1.
n A policy with:
l Local network set to the IP address and subnet of the local GRE tunnel,
172.30.0.2/32.
l Remote network set to the IP address of the remote GRE tunnel, 172.30.0.1/32.
2. Create an IPsec endpoint interface named ipsec_endpoint2:
a. Zone set to Internal.
b. Device set to Ethernet: Loopback.
c. IPv4 Address set to the IP address of the local GRE tunnel, 172.30.0.2/32.

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Digi Connect IT 4 and is the answer not in the manual?

Digi Connect IT 4 Specifications

General IconGeneral
BrandDigi
ModelConnect IT 4
CategoryNetwork Router
LanguageEnglish

Related product manuals