CCNA 4.3: Configure, verify and troubleshoot GRE tunnel connectivity (FREE LAB!)

Overview

Generic routing encapsulation (GRE) is a simple site-to-site VPN tunneling protocol.

 

Study Notes:

  • Nonsecure, site-to-site VPN tunneling protocol
  • Used to tunnel IP packets across the internet
  • GRE header encapsulates an IP header and packet
    • The IP header and packet is the letter
    • The GRE header is the envelope
  • GRE can encapsulate any OSI layer 3 protocol, but it’s typically IP
  • GRE is encapsulation not encryption.  There are no strong security mechanisms
  • GRE is stateless and does not include flow control
  • GRE header plus IP header equals 24 bytes (minimum) additional overhead
  • GRE tunnel interface addresses will be in the same subnet

 

Labs:

THIS LAB FREE!
PacketTracer Lab: CCNA-4.3-Configure-verify-and-troubleshoot-GRE-tunnel-connectivity.pkt

The objective of this lab is to establish a GRE tunnel between Router1 and Router3 and verify it is working by pinging across the tunnel.

  • On Router1, create the tunnel interface named Tunnel1
config t
    interface Tunnel 1
  • Set the tunnel mode to gre ip
    • tunnel = protocol-over-protocol tunneling
    • mode = tunnel encapsulation method
    • gre = generic route encapsulation protocol
    • ip = over IP
        tunnel mode gre ip
  • Set the IP address of the tunnel interface
        ip address 172.16.0.1 255.255.255.252
  • Set the source interface of the tunnel interface.  This is Serial1/0 interface on Router1.
        tunnel source s1/0
  • Set the destination address of the tunnel interface.  This is the S1/1 interface on Router3.
        tunnel destination 192.168.1.2
  • Activate the tunnel interface
        no shut
        exit
  • Configure a route that tells Router1 how to get to Router3.  To get to 192.168.1.2/32 go to 192.168.0.2.
    ip route 192.168.1.2 255.255.255.255 192.168.0.2
  • Configure a default route pointing to the Tunnel interface on Router3 so that all other traffic uses the GRE tunnel.
    ip route 0.0.0.0 0.0.0.0 172.16.0.2
    exit

 

  • On Router3, create the tunnel interface named Tunnel1
config t
    interface Tunnel 1
  • Set the tunnel mode to gre ip
        tunnel mode gre ip
  • Set the IP address of the tunnel interface
        ip address 172.16.0.2 255.255.255.252
  • Set the source interface of the tunnel interface.  This is Serial1/01 interface on Router3.
        tunnel source s1/1
  • Set the destination address of the tunnel interface.  This is the S1/0 interface on Router1.
        tunnel destination 192.168.0.1
  • Activate the tunnel interface
        no shut
        exit
  • Configure a route that tells Router3 how to get to Router1.  To get to 192.168.0.1/32 go to 192.168.1.1
    ip route 192.168.0.1 255.255.255.255 192.168.1.1
  • Configure a default route pointing to the Tunnel interface on Router1 so that all other traffic uses the GRE tunnel.
    ip route 0.0.0.0 0.0.0.0 172.16.0.1
    exit

 

  • Verification
  • On Router1 and Router3, verify that Serial1/0 is up/up and that Tunnel1 is up/up
show ip int brief
  • On Router1 and Router3, view the tunnel interfaces. In this case only 1 has been configured.
show interface Tunnel 1
  • From Router1, ping the tunnel interface on Router3
ping 172.16.0.2
  • From Router3, ping the tunnel interface on Router1
ping 172.16.0.1

  • Additional verification
  • Configure a loopback interface on Router1
config t
    interface loopback1
        ip address 10.0.0.1 255.255.255.255
        no shut
  • On Router3, traceroute to the loopback interface on Router1 and notice how it uses the GRE tunnel to get there
traceroute 10.0.0.1
Type escape sequence to abort.
Tracing the route to 10.0.0.1

1 172.16.0.1 6 msec 2 msec 2 msec

 

6 comments
  1. MOISES CARABALLO
    MOISES CARABALLO
    August 12, 2019 at 8:06 pm

    I cannont open or download this lab. When I tried to, it crashes.

    • Joe Barger (CCNP/CCDP)
      Joe Barger (CCNP/CCDP) • Post Author •
      August 12, 2019 at 9:15 pm

      Try opening it with Firefox. Chrome and Internet Explorer tend to not work well.

  2. MOISES CARABALLO
    MOISES CARABALLO
    August 13, 2019 at 10:06 pm

    Firefox worked. Thank you.
    BTW. Recently passed my CCENT w/ the help of your website.

    • Joe Barger (CCNP/CCDP)
      Joe Barger (CCNP/CCDP) • Post Author •
      August 14, 2019 at 6:53 am

      That’s great news. Congratulations on passing the CCENT!

  3. Ilyas el Ouasghiri
    Ilyas el Ouasghiri
    February 2, 2020 at 5:01 pm

    correction on the test phase.
    ip addres 172.16.0.1-2 to ping not 172.168.0.1-2

    • Joe Barger (CCNP/CCDP)
      Joe Barger (CCNP/CCDP) • Post Author •
      February 5, 2020 at 10:56 pm

      Thank you. The lab has been updated.

Leave a Reply
s2Member®
Built by TrailSix