GRE over IPSEC problem

Publication Date:  2013-03-05 Views:  329 Downloads:  0
Issue Description
First we configured GRE and IPSEC on Core Router
Second also we have done the same on Eudemon200 Router
IPSec is working between Eudemon200 and PIX but GRE does NOT work.
Alarm Information
Handling Process
1. It is shown that the configuration of Eudemon about IPSEC&GRE has no problem and the Core Router can ping Eudemon successfully.
2. IPSEC working properly but by debugging of acl on Eudemon200 observe that acl get the request from Core router But packets with GRE in IPSec are not send through out port of Eudemon
change acl configuration from permit IP to permit GRE then problem was solved
Root Cause
1.Check the configuration of both site whether they are correct or not .
2.Check IPSEC and GRE separately if they are working well
Change configuration of ACL between firewall zone from permit IP to permit GRE .