GRE over IPSec

GRE Over IPSec on Libreswan / MikroTik stack

Introduction

In this article we are going to take a look at a basic point to point GRE over IPSec implementati...

Design Specifications

Scope: ACME Inc has a global presence in different cities and countries Internal resources ar...

Topology

Topology A simple permanent site to site tunnel between the remote office (Zone 1) and HQ (Z...

Equipment selection

Requirements Zone1: Provide dynamic configuration of CE interface via PPP/DHCP opt. 82 Provid...

GRE

Tunnel protocol supporting encapsulation of various protocols

MikroTik

Standing up GRE interface (Interfaces >> GRE Tunnel) Assigning the IP (IP >> Addresses) ...

Debian

Loading GRE module into the kernel modprobe ip_gre Checking lsmod | grep gre Standi...

Testing

Checking [username@fw1] > ping address=10.254.254.254 src-address=10.254.254.253 size=1500 ...

IPSec

Protocol stack for encryption in IP networks

MikroTik

Defining Phase 1 cryptography settings (IP >> IPSec >> Profiles) Setting up peer (IP >> ...

Libreswan

Installing the package apt install libreswan Initializing NSS and setting up password to ...

Testing

Testing [username@fw1] > ping address=10.254.254.254 src-address=10.254.254.253 size=1500 ...

Routing and NAT

Routing and IP translation

MikroTik

Creating new routing table (Routing >> Tables) Creating a default route pointing towards...

Testing

Testing from client ping 10.254.254.254 -l 1500 Pinging 10.254.254.254 with 1500 bytes of...

Conclusion

Although we've had a look at a basic GRE over IPsec setup with a split tunnel enabled, a few word...

GRE over IPSec

Introduction

Design Specifications

Topology

Equipment selection

GRE

MikroTik

Debian

Testing

IPSec

MikroTik

Libreswan

Testing

Routing and NAT

MikroTik

Testing

Conclusion

Search Results