- Community Home
- >
- Networking
- >
- Switching and Routing
- >
- LAN Routing
- >
- SR 7102dl NAT + GRE Tunnel
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-27-2016 12:53 PM
04-27-2016 12:53 PM
SR 7102dl NAT + GRE Tunnel
Hi,
I've configured another Secure Router 7102dl to act as Many to one NAT router with GRE tunneling to another the same secure router. NAT works fine, all hosts have access to the internet. Unfortunately, tunnel communication works only in one direction: I can reach any host behind that router from first router, but I can't establish communication in opposite direction: from any host in local network on newly configured router to any host in local network of first router.
I believe I missed something in configuration:
! ProCurve Secure Router 7102dl SROS version J17.02.00 ! Boot ROM version J06.03 ! Platform: ProCurve Secure Router 7102dl, part number J8752A ! Serial number US525TRABG ! Flash: 33554432 bytes DRAM: 134217727 bytes ! Date/Time: Thu Apr 28 2016, 03:49:11 GMT+08:00 ! ! hostname "hk2uk" enable password encrypted 3xxx ! clock timezone +8-Bejing ! ip subnet-zero ip classless ip routing ! ! ip domain-name "domain.com" ip name-server 8.8.8.8 10.171.3.247 ! ! event-history on no logging forwarding no logging console no logging email ! service password-encryption ! username "manager" password encrypted xxx ! ! ip firewall no ip firewall alg msn no ip firewall alg h323 ! ! ! ! ! ! autosynch-mode no safe-mode ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface eth 0/1 ip address 1.2.3.4 255.255.255.252 access-policy web no shutdown ! ! interface eth 0/2 ip address 192.168.4.20 255.255.252.0 access-policy NATInside no shutdown ! ! ! ! interface tunnel 2 description HK to UK Tunnel ip address 172.16.0.6 255.255.255.252 tunnel mode gre tunnel source eth 0/1 tunnel destination 5.6.7.8 tunnel key 1234 keepalive 60 5 no shutdown ! ! ! ! router ospf network 192.168.4.0 0.0.3.255 area 0 network 172.16.0.4 0.0.0.3 area 0 ! ! ! ! ip access-list standard NAT permit any ! ! ip access-list extended web-acl-3 remark Admin Access permit tcp 5.6.7.8 0.0.0.31 any eq www log permit tcp 5.6.7.8 0.0.0.31 any eq https log permit tcp 5.6.7.8 0.0.0.31 any eq ssh log ! ! ip policy-class NATInside nat source list NAT address 1.2.3.4 overload ! ip policy-class web allow list web-acl-3 self ! ! ! ip route 0.0.0.0 0.0.0.0 210.3.127.33 ip route 10.171.0.0 255.255.0.0 tunnel 2 ip route 10.171.0.0 255.255.0.0 172.16.0.6 ip route 10.172.0.0 255.255.0.0 tunnel 2 ip route 10.172.0.0 255.255.0.0 172.16.0.6 110 ip route 192.168.4.0 255.255.252.0 192.168.4.22 ip route 192.168.59.0 255.255.255.0 tunnel 2 ip route 192.168.59.0 255.255.255.0 172.16.0.6 110 ! no ip tftp server no ip tftp server overwrite ip http server ip http session-timeout 1800 no ip http secure-server ip snmp agent no ip ftp server ip ftp server default-filesystem flash no ip scp server no ip sntp server ! ! ! ! snmp-server contact email "it@domain.com" snmp-server location "hk" snmp-server view readonly 1.* included snmp-server community public RO snmp-server community readonly RO snmp-server community community RO ! ! ! ip sip ! ! ! ! ! ! ! ! ! ! ! ! ! ! line con 0 login ! line telnet 0 4 login shutdown line ssh 0 4 login local-userlist no shutdown ! sntp server 81.168.77.149 ! ! ! ! end
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-27-2016 01:27 PM
04-27-2016 01:27 PM
Re: SR 7102dl NAT + GRE Tunnel
Hello,
Do you have network:
interface eth 0/1
ip address 1.2.3.4 255.255.255.252
Added to OSPF on your router?
I cannot see static routes for remote LAN in you RTR config
Michal