EasyManuals Logo
Home>Digi>Switch>AnywhereUSB Plus

Digi AnywhereUSB Plus User Manual

Digi AnywhereUSB Plus
815 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #643 background imageLoading...
Page #643 background image
Virtual Private Networks (VPN) Generic Routing Encapsulation (GRE)
AnywhereUSB® Plus User Guide
643
Example: GRE tunnel over an IPSec tunnel
The AnywhereUSB Plus device can be configured as an advertised set of routes through an IPSec
tunnel. This allows you to leverage the dynamic route advertisement of GRE tunnels through a
secured IPSec tunnel.
The example configuration provides instructions for configuring the AnywhereUSB Plus device with a
GREtunnel through IPsec.
AnywhereUSB Plus-1 configuration tasks
1. Create an IPsec tunnel named ipsec_gre1 with:
n
A pre-shared key.
n
Remote endpoint set to the public IP address of the AnywhereUSB Plus-2 device.
n
A policy with:
l
Local network set to the IP address and subnet of the local GRE tunnel,
172.30.0.1/32.
l
Remote network set to the IP address and subnet of the remote GRE tunnel,
172.30.0.2/32.
2. Create an IPsec endpoint interface named ipsec_endpoint1:
a. Zone set to Internal.
b. Device set to Ethernet: Loopback.
c. IPv4 Address set to the IP address of the local GRE tunnel, 172.30.0.1/32.
3. Create a GRE tunnel named gre_tunnel1:
a. Local endpoint set to the IPsec endpoint interface, Interface: ipsec_endpoint1.
b. Remote endpoint set to the IP address of the GRE tunnel on AnywhereUSB Plus-2,
172.30.0.2.
4. Create an interface named gre_interface1 and add it to the GRE tunnel:
a. Zone set to Internal.
b. Device set to IP tunnel: gre_tunnel1.
c. IPv4 Address set to a virtual IP address on the GRE tunnel, 172.31.0.1/30.
AnywhereUSB Plus-2 configuration tasks
1. Create an IPsec tunnel named ipsec_gre2 with:
n
The same pre-shared key as the ipsec_gre1 tunnel on AnywhereUSB Plus-1.
n
Remote endpoint set to the public IP address of AnywhereUSB Plus-1.
n
A policy with:
l
Local network set to the IP address and subnet of the local GRE tunnel,
172.30.0.2/32.
l
Remote network set to the IP address of the remote GRE tunnel, 172.30.0.1/32.
2. Create an IPsec endpoint interface named ipsec_endpoint2:
a. Zone set to Internal.
b. Device set to Ethernet: Loopback.
c. IPv4 Address set to the IP address of the local GRE tunnel, 172.30.0.2/32.

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Digi AnywhereUSB Plus and is the answer not in the manual?

Digi AnywhereUSB Plus Specifications

General IconGeneral
BrandDigi
ModelAnywhereUSB Plus
CategorySwitch
LanguageEnglish

Related product manuals