Generic Routing Encapsulation (GRE) is a tunneling protocol that was developed by Cisco to encapsulate a wide variety of protocols transported inside a virtual point-to-point link. The success and popularity of this protocol has lead to its adoption by other vendors. In this demonstration, I will share with us on how to successfully set up a GRE tunnel between a Mikrotik and a Cisco router.
Network Topology:
Both routers are connected to the internet at different locations. The objective is to configure a GRE tunnel to allow LAN to LAN communication for computers on the networks behind both routers. First, let’s start with the Cisco 2811 router.
Cisco:
Router#conf t
Router(config)#conf t
Router(config)#hostname Cisco
Cisco(config)#int f0/0
Cisco(config-if)#ip add 1.1.1.2 255.255.255.252
Cisco(config-if)#desc connection_to_ISP
Cisco(config-if)#no shut
Cisco(config-if)#int f0/1
Cisco(config-if)#ip add 192.168.10.1 255.255.255.0
Cisco(config-if)#desc connection_to_LAN
Cisco(config-if)#no shut
Cisco(config-if)#exit
NAT configuration:
Cisco(config)#ip access-list extended LAN
Cisco(config-ext-nacl)#deny ip 192.168.10.0 0.0.0.255 192.168.20.0 0.0.0.255
Cisco(config-ext-nacl)#permit ip 192.168.10.0 0.0.0.255 any
Cisco(config-ext-nacl)#exit
Cisco(config)#ip nat pool cisco 1.1.1.1 1.1.1.1 netmask 255.255.255.252
Cisco(config)#ip nat inside source list LAN pool cisco overload
Cisco(config)#int f0/0
Cisco(config-if)#ip nat outside
Cisco(config-if)#int f0/1
Cisco(config-if)#ip nat inside
Cisco(config-if)#exit
You may also like: How to connect multiple branch offices to the head quarter using GRE tunnel
GRE tunnel configuration:
Cisco(config)#interface tunnel 0
Cisco(config-if)#ip address 10.10.10.1 255.255.255.252
Cisco(config-if)#tunnel mode gre ip
Cisco(config-if)#tunnel source s0/3/0
Cisco(config-if)#tunnel destination 1.1.1.2
Cisco(config-if)#exit
Cisco(config)#ip route 192.168.20.0 255.255.255.0 10.10.10.2
Cisco(config)#ip route 0.0.0.0 0.0.0.0 1.1.1.1
Mikrotik:
[admin@Mikrotik] > ip address add address=2.2.2.2/30 interface=ether1 comment=connection_to_internet
[admin@Mikrotik] > ip address add address=192.168.20.1/24 interface=ether2 comment=connection_to_LAN
[admin@Mikrotik] > ip firewall nat add src-address=192.168.20.0/24 dst-address=192.168.10.0/24 action=accept
[admin@Mikrotik] > ip firewall nat add out-interface=ether1 action=masquerade
[admin@Mikrotik] > interface gre add name tun0 remote-address=1.1.1.2 local-address=2.2.2.2
[admin@Mikrotik] > ip address add address=10.10.10.2/30 interface=tun0 comment=connection_to_cisco
[admin@Mikrotik] > ip route add dst-address=192.168.10.0/24 gateway=10.10.10.1
[admin@Mikrotik] > ip route add dst-address=0.0.0.0/0 gateway=2.2.2.1
Verification:
To verify, run a ping from the PC attached to the LAN on the Cisco router to the PC on the LAN attached to the Mikrotik router. If configured correctly, it should be successful. On the Miktotik, you can click on the GRE interface and click on traffic to see the traffics passing through in real-time. See sample image below.
Thank you guys for reading this post. Please subscribe to my Youtube channels, follow me on Twitter and like my page on Facebook to get latest
Good Article Ashioma Michael, Keep it up
http://www.routexp.com
Thank you a lot. I appreciate this.