Enables GRE (Generic Routing Encapsulation) tunneling on this profile, and creates a new GRE tunnel or modifies an existing GRE tunnel.
The GRE protocol allows encapsulation of one protocol within another. It is a tunneling protocol that transports any layer 3 protocol over an IP network. When enabled, a payload packet is first encapsulated in the GRE protocol. The GRE encapsulated payload is then encapsulated in another IP packet before being forwarded to the destination.
GRE tunneling can be configured to bridge Ethernet packets between WLANs and a remote WLAN gateway over an IPv4 GRE tunnel. The tunneling of 802.3 packets using GRE is an alternative to MiNT or L2TPv3. Related features like ACLs for extended VLANs are still available using layer 2 tunneling over GRE.
Using GRE, access points map one or more VLANs to a tunnel. The remote end point is a user-configured WLAN gateway IP address, with an optional secondary IP address should connectivity to the primary GRE peer be lost. VLAN traffic is expected in both directions in the GRE tunnel. A WLAN mapped to these VLANs can be either open or secure. Secure WLANs require authentication to a remote RADIUS server available within your deployment using standard RADIUS protocols. Access Points can reach both the GRE peer as well as the RADIUS server using IPv4.
The WiNG software now supports both IPv4 or IPv6 tunnel endpoints. However, a tunnel needs to contain either IPv4 or IPv6 formatted device addresses and cannot be mixed. With the new IPv6 tunnel implementation, all outbound packets are encapsulated with the GRE header, then the IPv6 header. The header source IP address is the local address of the IPv6 address of tunnel interface, and the destination address peer address of the tunnel. All inbound packets are de-capsulated by removing the IPv6 and GRE header before sending it over to the IP stack.
Note
Only one GRE tunnel can be created for every profile.gre tunnel <GRE-TUNNEL-NAME>
gre tunnel <GRE-TUNNEL-NAME>
gre tunnel <GRE-TUNNEL-NAME> | Creates a new GRE tunnel or modifies an existing GRE tunnel. If creating a new tunnel, specify a unique name for it. If modifying an existing tunnel, specify its name. |
rfs4000-229D58(config-profile testRFS4000-gre-tunnel-testGREtunnel)#? GRE Tunnel Mode commands: dscp Differentiated Services Code Point establishment-criteria Set tunnel establishment criteria failover L2gre tunnel failover mtu L2GRE tunnel endpoint maximum transmission unit(MTU) native Native trunking characteristics no Negate a command or set its defaults peer L2GRE peer tunneled-vlan VLANs to tunnel clrscr Clears the display screen commit Commit all changes made in this session do Run commands from Exec mode end End current mode and change to EXEC mode exit End current mode and down to previous mode help Description of the interactive help system revert Revert changes service Service Commands show Show running system information write Write running configuration to memory or terminal rfs4000-229D58(config-profile testRFS4000-gre-tunnel-testGREtunnel)# rfs4000-229D58(config-profile testRFS4000-gre-tunnel-testGREtunnel)#peer 1 ip 192.168.13.8 rfs4000-229D58(config-profile testRFS4000-gre-tunnel-testGREtunnel)#peer 2 ip 192.168.13.10 rfs4000-229D58(config-profile testRFS4000-gre-tunnel-testGREtunnel)#show context gre tunnel testGREtunnel peer 1 ip 192.168.13.8 peer 2 ip 192.168.13.10 rfs4000-229D58(config-profile testRFS4000-gre-tunnel-testGREtunnel)# rfs4000-229D58(config-profile-testRFS4000)#show context profile rfs4000 testRFS4000 bridge vlan 1 tunnel-over-level2 ip igmp snooping ip igmp snooping querier .................................................................................. use firewall-policy default service pm sys-restart router ospf gre tunnel testGREtunnel peer 1 ip 192.168.13.8 peer 2 ip 192.168.13.10 rfs4000-229D58(config-profile-testRFS4000)#
dscp | Sets the GRE tunnel‘s DSCP / 802.1q priority value |
establishment-criteria | Configures the GRE tunnel establishment criteria |
failover | Enables periodic pinging of the primary gateway to assess its availability, in case it is unreachable |
mtu | Configures the MTU for IPv4/IPv6 L2GRE tunnel endpoints |
native | Configures native trunking settings for this GRE tunnel |
no | Removes the GRE tunnel settings based on the parameters passed |
peer | Configures the GRE tunnel‘s end-point peers |
tunneled-vlan | Defines the VLAN that connected clients use to route GRE-tunneled traffic within their respective WLANs |
no | Disables GRE tunneling on this profile |