R3166-R3206-HP High-End Firewalls VPN Configuration Guide-6PW101
4
VPN establishment by connecting discontinuous subnets
Figure 6 Connect discontinuous subnets with a tunnel to form a VPN
In the example as shown in Figure 6, Group 1 and Group 2 running Novell IPX are deployed in different
cities. They can constitute a trans-WAN virtual private network (VPN) through the tunnel.
GRE-IPsec tunnel application
Figure 7 GRE-IPsec tunnel application
GRE can work with IPsec, allowing data packets like routing protocol, voice, and video packets to be
encapsulated by GRE and then encrypted by IPsec to improve security of data transmission in a tunnel.
Protocols and standards
• RFC 1701, Generic Routing Encapsulation (GRE)
• RFC 1702, Generic Routing Encapsulation over IPv4 networks
• RFC 2784, Generic Routing Encapsulation (GRE)
Configuring GRE in the web interface
NOTE:
You can configure only GRE over IPv4 tunnels through web.
Configuration prerequisites
On each of the peer devices, configure an IP address for the interface to be used as the source interface
of the tunnel interface (which can be a, for example, VLAN interface, Ethernet interface, or loopback
interface), and make sure that this interface can normally communicate with the interface used as the
source interface of the tunnel interface on the peer device.