ScreenOS Firewalls (NOT SRX)
ScreenOS Firewalls (NOT SRX)

IPSec over GRE?

02.29.12   |  
‎02-29-2012 07:35 AM

Hi all,

 

Can Juniper Firewall support IPSec over GRE?

Are there kb links on this?

 

Couldn't find much information here...

Thanks!

Michael
JNCIA-JUNOS, JNCIS-ENT/SEC, JNCIP-ENT
(CCNA, ACMP, ACFE, CISE)
"http://www.thechampioncommunity.com/"
CONNECT EVERYTHING. EMPOWER EVERYONE.
Share & Learn. Knowledge is Power.

"If there's a will, there's a way!"
4 REPLIES
ScreenOS Firewalls (NOT SRX)

Re: IPSec over GRE?

03.01.12   |  
‎03-01-2012 01:26 AM

Hi,

 

KB3256 How to configure a GRE tunnel over IPSEC between Juniper Firewall devices

KB6126 Can a GRE tunnel be established between a Juniper Firewall and a Cisco Router?

Kind regards,
Edouard
ScreenOS Firewalls (NOT SRX)

Re: IPSec over GRE?

03.04.12   |  
‎03-04-2012 07:48 PM
Hi echidov,

Thanks for that.
How about IPSec over GRE?
Thanks!

Michael
JNCIA-JUNOS, JNCIS-ENT/SEC, JNCIP-ENT
(CCNA, ACMP, ACFE, CISE)
"http://www.thechampioncommunity.com/"
CONNECT EVERYTHING. EMPOWER EVERYONE.
Share & Learn. Knowledge is Power.

"If there's a will, there's a way!"
ScreenOS Firewalls (NOT SRX)

Re: IPSec over GRE?

03.05.12   |  
‎03-05-2012 12:32 AM

Hi,

 

I have never tried this but it should be possible. You can configure a GRE tunnel as described in the KB but without IPSec. As there are no VPN SAs the tunnel interface will not come up. But routing through the tunnel interface may be forced if the routes are configured as permanent. The IPs of the VPN endpoints should be routed across the GRE tunnel.

As I suppose you want to terminate the VPN IPSec on a third party device(s). If both devices are SSGs this does not make sense to use IPSec over GRE.

Kind regards,
Edouard
ScreenOS Firewalls (NOT SRX)

Re: IPSec over GRE?

03.06.12   |  
‎03-06-2012 02:47 AM
Hi echidov,

Thanks for sharing.

Anyone have any links to share on this?
Thanks!

Michael
JNCIA-JUNOS, JNCIS-ENT/SEC, JNCIP-ENT
(CCNA, ACMP, ACFE, CISE)
"http://www.thechampioncommunity.com/"
CONNECT EVERYTHING. EMPOWER EVERYONE.
Share & Learn. Knowledge is Power.

"If there's a will, there's a way!"