Network engineers notepad

GRE via IPSEC This lab shows us how to configure a conventional GRE tunnel over IPSEC. GRE is great for emulating a conventional P2P link and is often used in secondary connections via an ISP. This configuration is based on a LAB by the fantastic GNS3 Vault please check them out if you want a more detailed explanation of how to configure the below.   # #################### ## INTERNET ## ##################### int fa0/0 ip addr 192.168.12.2 255.255.255.0 no shut int fa0/1 ip addr 192.168.23.2 255.255.255.0 no shut router eigrp 1 network 192.168.12.0 network 192.168.23.0 ##################### ## NYC ## ##################### int fa0/0 ip addr 192.168.12.1 255.255.255.0 no shut int lo1  ip addr 1.1.1.1 255.255.255.0 router eigrp 1 network 192.168.12.0 router ospf 1  network 192.168.13.0 0.0.0.255 area 0   network 1.1.1.0 0.0.0.255 a...

Cisco ISR IPSEC to IPSEC (GNS3) This is a basic  config for IPsec to IPsec tunneling between two cisco ISRs. I prefer to use GRE tunneling for Lan to Lan but this is commonly used when connecting to 3rd parties or where GRE tunneling is not available. ############################### ## NYC ## ############################## # conf t router ospf 1 network 30.0.0.0 0.0.0.255 area 0 network 1.1.1.0 0.0.0.255 area 0 ip access-list ext 101  permit icmp host 1.1.1.1 host 3.3.3.3 crypto isakmp policy 10  encr aes 256  authentication pre-share  group 5  lifetime 1300 crypto isakmp key 0 vault address 40.0.0.1  crypto ipsec security-association lifetime seconds 1800 crypto ipsec transform-set MYSET esp-aes esp-sha-hmac crypto map MYMAP 10 ipsec-isakmp  set peer 40.0.0.1  set transform-set MYSET  match address 101 int fa0/0  ip addr 30.0.0.1 255.255.255.0  crypto map MYMA...

IPSEC over GRE  Not something that you would want to do in production but the following configuration is to tunnel IPSEC over GRE (As apposed to GRE inside IPSEC). This is based on a lab from the excellent gns3vault.com link below for the video explanation and final configs. http://gns3vault.com/tunneling/gre-over-ipsec/ ######################## ## NYC ## ######################## int fa0/0  ip addr 192.168.12.1 255.255.255.0  no shut int lo0  ip addr 11.11.11.11 255.255.255.0 crypto isakmp policy 1 encryption aes 256 group 5 authentication pre-shar crypto isakmp key 0 PA$$WORD address 192.168.23.3 crypto ipsec  transform-set NY_TRANS_SET esp-aes esp-sha-hmac crypto ipsec profile TUNNEL_PROTECT  set transform-set NY_TRANS_SET int tu10  tunnel source fa0/0  tunnel destination 192.168.23.3  tunnel mode ipsec ipv4  tunnel protection ipsec profile TUNNEL_PROTECT ip route 33.33.33.0 255.255.255.0 1...