Using the Tunnel interface on router

Hello world

I see hew Tunnel interface on the router.

Router is running OSPF.

However, there is no cryptographic statements.

tunnel configuration

Tunnel1 interface

10.4.x.x from IP x.x.x.x

time 7

source of tunnel Loopback1

destination 10.4.x.x tunnel

My question is when we use the interface Tunnel without any cryptographic statements?

Thank you

MAhesh

This Tunnel is a plain GRE Tunnel. They are generally used without crypto when:

(1) traffic is not sent through an untrusted network and cryptographic protection is not necessary.
(2) the GRE traffic gets encrypted on a separate device if the end point free WILL is not able to do the necessary cryptographic protection.

Sent by Cisco Support technique iPad App

Tags: Cisco Security

Similar Questions

  • Using the tunnel path mtu-search command

    Hello world

    Need to know why to use the tunnel-search path mtu command--if we have the GRE tunnels at both ends?

    Also the same command can be used if we have GRE over IPSEC VPN?

    Thank you

    MAhesh

    You can read the description here:

    http://www.Cisco.com/en/us/docs/iOS-XML/iOS/interface/command/IR-T2.html#GUID-3B831D75-DAD0-472A-AC32-A6A066F71C33

    It forces unattainable sending should exceed US MTU, rather the fragmentation occurs.

    And Yes, it applies to GRE over IPsec and is quite a good feature in most cases.

  • Why can't connect using Apple Airport WIFI of my remote security cameras but can connect using the Xfinity WIFI Modem/Router open?

    Why can't connect using Apple Airport WIFI of my remote security cameras but can connect using the Xfinity WIFI Modem/Router open?

    Two possibilities:

    (1) your airport WiFi might have a network name that is not in line with best practices, wireless

    A good wireless network name is...

    ... In short no more than 20 characters

    Simple... no special characters like an apostrophe, dollar sign, asterisk, etc.

    Compact, without spaces in the name

    For example, a wireless network network name as... red .dfedoryk Apple wireless network... .is not what you want. Something like... .dfedorykwireless. .. masse are much more likely to connect to non-Apple devices.

    Same guidelines your password

    (2) Apple gives the same name to network 2.4 GHz and 5 GHz network that produces double router band.  Some non-Apple devices are confused by the present, you may need to use the option to assign a different name for the network of 5 GHz on the router from Apple. Then, 'point' your device to the network name specific to which you want to connect.

  • You can use the ZyXEL NBG-419N router in windows xp

    You can use the ZyXEL NBG-419N router in windows xp

    Hello

    The real question is to know if your wireless device is compatible which should be it that this router has also B and G
    capabilities. Check the Support and the Documentation of ZyXEL. If you think there may be problems (would be unusual)
    Check with the manufacturer of your device WiFi support and documentation.

    ZyXEL NBG-419N
    http://us.ZyXEL.com/products/details.aspx?PC1IndexFlag=20040520161256&CategoryGroupNo=2F39BF6F-E115-4047-A6C9-36833483A7CA

    One of the first things I do with a router is updates of the firmware.

    I hope this helps and happy holidays!

    Rob Brown - Microsoft MVP<- profile="" -="" windows="" expert="" -="" consumer="" :="" bicycle=""><- mark="" twain="" said="" it="">

  • Aironet 1240AG - cannot use the web interface

    I'm trying to set up a new Aironet 1240AG. After that she won an IP from the DHCP in my LAN, I can always connect using the web interface. I use an Internet Explorer 6.0 on Win 2000. It keeps telling me cannot find the server. Please I need help

    Hi Olivier,.

    First off you're welcome :) This method really works without the need for a WLC, be patient. Check the address static IP put you on your TFTP (* range 10.0.0.2 to 10.0.0.30)

    Rename the access point image file in the folder of the server TFTP c1200-k9w7 - tar.default for a series of 1200 access point

    Looks like a problem TFTP (no firewall on your PC?)

    Take a look at the details in the following threads that each has to do with TFTP. There are some great tips to troubleshoot TFTP some of my NetPros favorite ScottMac, Cisco's Stephen and Jack Young. The likely culprit may be you need to uncheck "Hide extensions for known file types" on your server TFTP;

    http://forum.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Wireless%20-%20Mobility&topic=WLAN%20Radio%20Standards&CommCmd=MB%3Fcmd%3Dpass_through%26location%3Doutline%40%5E1%40%40.1ddc042b/8#selected_message

    http://Forum.Cisco.com/eForum/servlet/NetProf?page=NetProf&Forum=Wireless%20-%20Mobility&topic=General&CommCmd=MB%3Fcmd%3Dpass_through%26location%3Doutline%40%5E1%40%40.1ddc03c4/2#selected_message

    http://Forum.Cisco.com/eForum/servlet/NetProf?page=NetProf&Forum=Wireless%20-%20Mobility&topic=General&CommCmd=MB%3Fcmd%3Dpass_through%26location%3Doutline%40%5E1%40%40.1ddbf271

    I hope this helps! Good luck!

    Rob

    Remember messages useful rate...

  • Anyone who has a problem with the system crashes when importing using the new interface to import

    Anyone who has a problem with the system crashes when importing using the new interface to import

    Can specify you what Adobe program you use so that we do that your post is in the right forum?

  • In Camera Raw 8.4.1 I can open the DNG for 3 years, but it's using the old interface and features not the current - how can I change this. Rebuilt the cache.

    Creative cloud running on a HP with 18 GB of Ram - I'm working on a project using DNG 3 years old and when I open in my current Camera Raw, it uses the old interface with 'contrast' down and "valorisation" below 'exposure' - How do Camera Raw to open with the current interface?

    Thanks for any help.

    Craig

    If you are referring to the version of process , you who set the ACR camera Calibration tab.

    Also remember that all images with previous settings will show the process used when they were stopped.  Which can also be changed in this tab.

  • check box use the temporary Interface as a derived Table

    Hello
    in some guides and oracle websits, they want to check the box use the temporary Interface as a derived Table (Sub-Select).
    but the topology and datastor KM or target, I can't click on it...
    is - anyone know why? what setting I need to change?

    reason
    I want to create a temporary interface to use as a source.
    MySQL-> temp. interface-> join oracle of temp table. interface.

    Thank you..
    Michael

    Hi michael,.

    When you create a temporary interface, an interface in which the target data store does not exist, you can then use this temporary interface as a source in a different interface. Once you add the temp as a source interface on the mapping tab, select the temporary interface. You should see the check box in the Properties window of the Source to 'Use the temporary Interface as a Derived Table (Sub-Select)'. To use the code integrated into the interface of temp, check this box. The code will then be added as a subselect for this interface.

    See this post for more details: http://www.rittmanmead.com/2011/06/odi-11g-new-mapping-and-interface-features-part-1/

    Enjoy!
    Michael R.

  • Is it possible to add a hard drive to a VM running via a script or a program without using the user interface

    I'll try to ask this question clearly, but I ask that read you it carefully, because I can't do a great job of setting out clearly what I'm looking for.

    I know how to create a virtual disk in a batch file or a script.  I know how to have a running virtual machine to detect a newly added hard drive and format it in Linux, BACK, and NetWare. I do not have scripted this part, but I did it manually by adding records via the UI and then by doing the steps manually to make the operating system to detect and format the newly added drive. In each case, these steps are scriptable with the exception of the addition of the drive in the user interface.

    The only way I know to add a new hard disk to a virtual computer running is through the user interface. I don't know in a way that can contain script (for example vmrun or an API call) to make.

    I guess that maybe I can have the virtual machine to go into sleep mode and then add the HDD in the vmx file while the machine is in standby mode, then put the computer to sleep mode, although I have not tested this.

    My question is, ' can a virtual drive be added to a virtual machine running without using the user interface and without put the machine to sleep, or in other words in a script any?

    Have you tried VI SDK?

  • Loading multiple files using the same interface in ODI

    Hi all

    We load multiple files using the same interface and get the error "java.sql.SQLException: ORA-00942: table or view does not exist" while inserting record in the staging table. It looks like the same temporary table is used when loading multiple files and the error. Grateful if someone offers a solution to avoid this error.
    We use the following KMS:

    (1) LKM SQL file
    (2) IKM Oracle SQL COMMAND append.

    Receive a quick response.

    Thank you
    RP

    Hello

    See this http://odiexperts.com/interface-parallel-execution-a-new-solution

    Thank you
    Fati

  • How to add new resource to existing routes using the API / Interface Tables?

    Hi friends,

    I need to add new resources to our existing ranges. The number of records is more than 10,000. So I need to create an anonymous block for her. But I don't know what are the tables Interface / API to use for their insertion. If anyone can guide me how can this be achieved, I would really appreciate it. If you can provide me with an example of code for it, it would be the best.

    Thanks in advance.

    KM

    Hi KM.

    PL insert the line in the BOM_OP_RESOURCES_INTERFACE table with

    INSERT INTO BOM_OP_RESOURCES_INTERFACE
    (process_flag, transaction_type, organization_id, routing_sequence_id, operation_seq_num, resource_seq_num,
    resource_code, assigned_units, usage_rate_or_amount, basis_type, schedule_flag, creation_date, effectivity_date)
    VALUES
    (1, 'CREATE', organization_id, v_rout_seq_id, v_operation_seq_num, v_resource_seq_num, v_resource_code,
    v_assigned_units, v_usage_rate_or_amount, DECODE (v_basis_type, 'BATCH', 2, 'ITEM', 1),
    Decode(i.schedule_yes_no, 'YES', 1, 'NO', 2), sysdate, v_eff_dt);

    Where, v_eff_dt = SELECT operation_sequence_id, effectivity_date IN v_oper_seq_id, v_eff_dt
    OF bom_operation_sequences b
    WHERE b.routing_sequence_id = v_rout_seq_id
    AND b.operation_seq_num = v_operation_seq_num;

    Then run simultaneous 'Bill and routing Interface' to import resources into the existing ranges.

    HTH
    Sanjay

  • Easy VPN with the Tunnel Interface virtual IPSec dynamic

    Hi all

    I configured easy vpn remote on a cisco 1841 and dynamic server easy vpn with virtual tunnel interface on the server (cisco 7200, 12.4.15T14)

    http://www.Cisco.com/en/us/partner/prod/collateral/iosswrel/ps6537/ps6586/ps6635/prod_white_paper0900aecd803645b5.html

    It works with easy vpn remote to the client mode and mode network-extesión, but it doesn't seem to work when I configure mode plus network on the client of the cpe, or when I try to have TWO inside the ez crypto interfaces. On the customer's site, I see two associations of security, but on the server PE site only security SA!

    Without virtual dynamic tunnel interface, dynamic map configuration is ok... This is a limitation of the virtual tunnnel dynamic interface?

    Federica

    If one side is DVTI and the other uses a dynamic map, it does support only 1 SA. If the two end uses DVTI or the two end uses dynamic card then it supports several SAs.

    Here is the note of documentation for your reference:

    Note: Multiple inside interfaces are supported only when the Cisco Easy VPN server and the Cisco Easy VPN client have the same type of Easy VPN configuration. In other words, both must use a Legacy Easy VPN configuration, or both must use a DVTI configuration.

    Here's the URL:

    http://www.Cisco.com/en/us/docs/iOS/sec_secure_connectivity/configuration/guide/sec_easy_vpn_rem_ps6441_TSD_Products_Configuration_Guide_Chapter.html#wp1046365

    Hope that answers your question.

  • Using the same interface CAN read and write

    Hello.

    Can I use the same CAN interface to read and write?

    For example:

    I send you CAN frame using CAN1 to my MCU.

    IF MCU confirmed the order of receiver it immediately sends the echo return command and there different ID to send the command.

    I tried to use CAN1 output framework and then reconfigures CAN1 to frame in queue and retrieve the frame of the echo.

    But it seems that I was always missing. The 'framework of CAN' kept vi expire.

    When I used the separator on the outlet BOX in my configured MCU CAN1 for frame and CAN2 for chassis in and I managed to catch the echo framework.

    I think about 100 ms for the frame in response that will be sent after the order has been received. It takes longer for the NI PXI-8513 reconfigure? Can I still do it, or I have to use the separator?

    I wad jump to use an interface to read and write.

    Thank you

    Ok. I misread your notion of echo. I understand now. I'm sorry.  The code you posted seems reasonable.

    (1) did you notice on or off for the session?

    (2) what baud rate? You can add a parameter of baud rates for the property to be explicit node.

    (3) I don't remember the name of VI, but you can add a status of Comm Get after reading. This will give you some information about the bus - if errors were detected, etc. Which can be useful to help debug.

  • Changes in the driver vi using the Simulation Interface Toolkit (SIT) for PXI get do not appear.

    Hello

    I use Simulation Interface Toolkit to target a controller built in Simulink on a PXI target. I used the SIT connection manager to generate the driver screws I had to make some changes in the screw driver specifically Read.vi IO. I made the changes and the entire application runs without error. But the changes are not getting in the functioning of the application, essentially when I load the thing on PXI and run it, it contains exactly as it was before behaiving I made these changes. Some how the changes I make to the Read.vi of e/s are not begin day somewhere in the top vi driver.

    Could someone help me with this please.

    Eliane.

    Hi Justin_P,

    Thank you very much for the reply. Solved the problem. What you're saying, that's certainly true, but I do not use the project.

    The problem was that whenever it makes a change one driver that saw VI top-level driver must be opened and saved again. This opening and registration links the pilot with new changed correctly VI and then everything works fine.

    Thanks again.

    Eliane.

  • ASA 5510 - possible to fill the 2 interfaces in routed mode

    Cisco ASA 5510 with security more license, version 9.1 (5) running in routed mode.

    I want to fill two interfaces for example: eth0/2 and 3/eth0 and configure an IP address / network while leaving the ASA 5510 in routed mode. I know that this is possible in transparent mode, but I need to keep this in routed mode. I know I could configure a single interface and connect a switch but my client does not want to do.

    Otherwise, my only thought would be to configure each interface eth0/2 and eth0/3 as a network traffic and the route of subnet separate between the two.

    Any help would be appreciated!

    Thank you

    Andrew

    Andrew

    That would help us answer you better if we understood more about what your client and you want to accomplish. But to answer the specific question you asked, I don't think it is possible in an ASA5510 in routed mode configuration Eth2 and Eth3 to share a single IP address.

    Linking to Eth2 and linking to Eth3 Are they really the same subnet?

    HTH

    Rick

Maybe you are looking for