VPN Objectives:

 Confidentiality
 Authentication -validate the identiy
 Data integrity -Preventing change [HASHING]
 Anti-replay

VPN Options:

 Site-to-site
 Client (remote access -IPSEC)
 SSLVPN (connection via https)
 DMVPN (Dynamic Multipoint VPN)

GRE:

 IPSec is limited to ip-based protocols and only unicast

1. GRE support multicast unicast broadcast >> so all routing protocols

2. GRE support other protocols not only IP based protocols

 RFC generic routing encapsulation (GRE) fixes that

 GRE by itself is unsecure, needs IPSec if used publicly
 DMVPN relies heavily on multipoint GRE tunnels
Router1 Conf:
Conf t
interface tunnel 0
ip address 192.168.1.1 255.255.0
tunnel mode gre ip
tunnel source 72.1.55.19 ! could be interface
tunnel destination 61.55.122.9

Router2 conf
conf t
interface tunnel 0
ip address 192.168.1.2 255.255.0
tunnel mode gre ip
tunnel source 61.55.122.9
tunnel destination 72.1.55.19

!now can ping 192.168.1.1 from router 2 via the tunnel

OSPF configuration:

Router1:
router ospf 1
network 192.168.1.0 0.0.0.255 area 0
network 10.0.0.0 0.255.255.255 area 0
passive-interface default
no passive-interface tunnel 0
Router2:
router ospf 1
network 192.168.1.0 0.0.0.255 area 0
network 10.0.0.0 0.255.255.255 area 0
passive-interface default
no passive-interface tunnel 0