3Com Switch 8800 Family IPsec Module Configuration and Command reference Guide
Brief Introduction to GRE 131
communicate with Group2 and Term1 with Term2 without interfering with each
other.
2 Expanding the operating area of networks running hop-limited protocols (e.g. IPX)
Figure 32 Expanding network operating area
If the hop count between two terminals in the above figure is more than 15, the
two terminals cannot communicate with each other. By setting up a Tunnel across
the network, some hops can be hidden, thus expanding the operating area of the
network.
3 Connecting some discontinuous sub-networks to establish VPN
Figure 33 Tunnel connecting discontinuous sub-networks
Sub-networks group1 and group2 running Novell IPX are in different cities but
they can form a VPN over WAN by using a Tunnel.
4 The use in conjunction with IPsec
Figure 34 GRE-IPsec Tunnel application
As illustrated in the above figure, GRE can encapsulate multicast data and transmit
the data through the GRE Tunnel. As provisioned, IPsec can only protect unicast
data at present. When transmitting such multicast data as routing protocol, voice
and image in an IPsec Tunnel, you can set up a GRE Tunnel, encapsulate the
Router
r
r
Tunnel
Switch8800A
Router
Switch8800B
IP network IP network
PC
PC
IP network
Tunnel
group2
novell
l
Switch8800A
Switch8800B
group 1
novell
IP network
VLAN
Internet
IPSec Tunnel
GRE Tunnel
Remote
office
network
Corporate
intranet
Switch8800A
Switch8800B