HP VPN Firewall Appliances VPN Configuration Guide
59
Configuring tunneling
The term "router" in this document refers to both routers and routing-capable firewalls and firewall
modules.
Tunneling can be configured only at the CLI.
Overview
Tunneling is an encapsulation technology. One network protocol encapsulates packets of another
network protocol and transfers them over a virtual point-to-point connection. The virtual connection is
called a tunnel. Packets are encapsulated at the tunnel source end and de-encapsulated at the tunnel
destination end. Tunneling refers to the whole process from data encapsulation to data transfer to data
de-encapsulation.
Tunneling supports the following technologies:
• Transition techniques, such as IPv6 over IPv4 tunneling, to interconnect IPv4 and IPv6 networks.
• Virtual Private Network (VPN) such as IPv4 over IPv4 tunneling, IPv4/IPv6 over IPv6 tunneling,
Generic Routing Encapsulation (GRE), Dynamic Virtual Private Network (DVPN), and IPsec
tunneling.
Unless otherwise specified, the term tunnel in this document refers to IPv6 over IPv4, IPv4 over IPv4, IPv4
over IPv6, and IPv6 over IPv6 tunnels.
For more information about GRE, see "Configuring GRE."
For more information about DVPN, see "Configuring DVPN."
For more information about IPsec, see "Configuring IPsec."
IPv6 over IPv4 tunneling
Implementation
IPv6 over IPv4 tunneling adds an IPv4 header to IPv6 packets so that IPv6 packets can pass an IPv4
network through a tunnel to realize interworking between isolated IPv6 networks, as shown in Figure 56.
The devices at the ends of an I
Pv6 over IPv4 tunnel must support the IPv4/IPv6 dual stack.