I've been looking for an explanation like this for a while. I understand more from this 30 minute video than I ever have even in courses I paid for. Thanks for this!
This explanation of GRE over IP sec is by far the best, simple, smooth, and to the point of what GRE over internet is...Thank you for taking the time to make these videos and teaching us so much.
Just found this video, and I have to say this is the best explanation of how to configure GRE over IPSEC that I have seen. Thank you Kevin and keep up the great content.
All I wanna say is thank you baby cheesus for dropping Kevin Wallace into this world!!! You sir are amazing!!! Your teaching style is simply awesome!!! Thanks for the videos and the knowledge transfer!!
Im not using Cisco equipment at all but, whole theory is very needed to understand how protocols works in fact. So i'm thankful to you for your spended time to share with us your knowledge. you're doing great job !
I just want say you do awesome work Kevin. I been following your channel for some time now. I got my CCNA before the deadline and now I'm after my CCNP. Great work!!! I always leave with little more confidence after you video instruction.
I hit 'like' button as a 500th person. How is it possible that it is not 500k likes already? Great video Kevin as all of your videos thanks a lot for your work.
Kevin this is awesome example. Can you please make a video on the same topic but with DMVPN, My employer is expanding and I'm face with the challenge of connect the sites together.
Hey kevin! quick question here @21:20 you said Routers create a layer 2 segment adjacency, why do we call it "layer two" if it also involves routing ? or is it because they are on the same subnet ?
Hello Kevin. Love your videos. I have a question about the illustration of GRE over IPsec on 15:15. Shouldn't there be the other way around? That is IPsec encapsulated inside the GRE tunnel? Especially if you use, in later configuration, mode transport, opposite to mode tunnel?
GRE is configured with a destination IP address and two IP addresses for the internal tunnel (of a /30 subnet). If we configure more than one GRE tunnel on the same interface on a router, how does the router know which tunnel each incoming GRE packet belongs to?
Kevin, do you have an outline that includes your slides for your routing and switching 200-125 video. It would help with taking notes when studying when following your video. Thanks
Thanks! You don't have to (you could use static routes), but I did in this example. Specifically, I used the "network 0.0.0.0 255.255.255.255 area 0" command under each router's OSPF routing protocol configuration, making all active interfaces participate in the routing process.
Hi Kevin, Nice tutorial there! I have only 1 question: is the tunnel creation mandatory for the IPsec to operate? Can we do the exact configuration but without creating the tunnel? If not, how does the router use the tunnel here? I see no command to link the tunnel with the IPsec in the configuration 🤔
Great job. My only critique is using ISAKMP/IKEv1 in examples. From a security perspective, no one should be using IKEv1 when IKEv2 is available. People will refer to this video and configure their production systems with what they've seen. Always practice like you would do in production.
Hello Kevin, This a great and simple explanation. I glad of that. I got a question. First you created a GRE tunnel which is the ovelay network. Then came in the IPSEC to provide protection to the information. But I can't realize on the configuration or what step is the join between the GRE tunnel 0 and the IPSEC config. Could you please point it out in which line command configuration that tie happens?
If I understand your question (and the theory) correctly, the *crypto ipsec transform-set* statement creates the IPSec portion, the ACL named *GRE-IN-IPSEC* specifies the traffic and they are brought together by the *crypto map* policy named *VPN.* Looked at another way, it is the ACL that diverts the "interesting" GRE traffic through the IPSec tunnel. I hope that helps to answer your question (and that it's technically correct).
