Layer2 Traffic through a Tunnel ???

Layer2 Traffic through a Tunnel ???

Post by Keith Leit » Sun, 15 Jul 2001 07:24:55



 Greetings,

 Thanks for answering my post, the current problem I have is I need to send
Layer2 type traffic through a tunnel ... is this possible ?

 I enabled bridging on both routers and created a bridge group and that
seems to work fine I can see my netbeui traffic passing ....

 The problem is I have to be able to encapsulate netbeui or any other Layer2
type protocol and encapsulate within a IP packet.

 Again any suggestions would be greatly apprectiated ....

 Keith Leite


 
 
 

Layer2 Traffic through a Tunnel ???

Post by Mortimer Mou » Tue, 17 Jul 2001 19:34:00


Quote:>  Thanks for answering my post, the current problem I have is I need to send
> Layer2 type traffic through a tunnel ... is this possible ?

Sure.  See...

http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cg...

Quote:>  I enabled bridging on both routers and created a bridge group and that
> seems to work fine I can see my netbeui traffic passing ....

>  The problem is I have to be able to encapsulate netbeui or any other Layer2
> type protocol and encapsulate within a IP packet.

The usual way to do this is using a GRE tunnel between two routers,
and configuring an additional loopback interface on each router as the
source interface for the tunnel traffic, as below.  Here, each router
has a bridge group defined which allows certain traffic only as stated
in the 200-series ACL onto the loopback interface. In this case it's
LAT only - you will need to check the LSAP protocol number(s) for
netbios/netbeui as I can't remember these off-hand.  Once the traffic
is forwarded from the LAN interface onto the loopback, it is
encapsulated into IP GRE and forwarded to the far router.

                 --------------------------
               /                            \
       Tunnel0|                              |Tunnel0
              |                              |
LAN--------Router A-------WAN Cloud-------Router B--------LAN
        Eth0      Ser0                 Ser0      Eth0

Router A
--------

int e0
 ip address 192.168.100.254 255.255.255.0
 bridge-group 1

int loop0
 no ip address
 bridge-group 1
 bridge-group 1 output-type-list 200

int tunnel 0
 tunnel source interface loopback0
 tunnel destination 192.168.200.254

access-list 200 permit 0x6000 0x600f

Router B
--------

int e0
 ip address 192.168.200.254 255.255.255.0
 bridge-group 1

int loop0
 no ip address
 bridge-group 1
 bridge-group 1 output-type-list 200

int tunnel0
 tunnel source interface loopback0
 tunnel destination 192.168.100.254

access-list 200 permit 0x6000 0x600f

 
 
 

Layer2 Traffic through a Tunnel ???

Post by Keith Leit » Thu, 19 Jul 2001 19:58:06


    Thanks Mortimer,

    I will give that a try ....

    Thanks again for the info .....

    Keith

Quote:> >  Thanks for answering my post, the current problem I have is I need to
send
> > Layer2 type traffic through a tunnel ... is this possible ?

> Sure.  See...

http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cg...
r_c/icdlogin.htm#xtocid292793
Quote:

> >  I enabled bridging on both routers and created a bridge group and that
> > seems to work fine I can see my netbeui traffic passing ....

> >  The problem is I have to be able to encapsulate netbeui or any other
Layer2
> > type protocol and encapsulate within a IP packet.

> The usual way to do this is using a GRE tunnel between two routers,
> and configuring an additional loopback interface on each router as the
> source interface for the tunnel traffic, as below.  Here, each router
> has a bridge group defined which allows certain traffic only as stated
> in the 200-series ACL onto the loopback interface. In this case it's
> LAT only - you will need to check the LSAP protocol number(s) for
> netbios/netbeui as I can't remember these off-hand.  Once the traffic
> is forwarded from the LAN interface onto the loopback, it is
> encapsulated into IP GRE and forwarded to the far router.

>                  --------------------------
>                /                            \
>        Tunnel0|                              |Tunnel0
>               |                              |
> LAN--------Router A-------WAN Cloud-------Router B--------LAN
>         Eth0      Ser0                 Ser0      Eth0

> Router A
> --------

> int e0
>  ip address 192.168.100.254 255.255.255.0
>  bridge-group 1

> int loop0
>  no ip address
>  bridge-group 1
>  bridge-group 1 output-type-list 200

> int tunnel 0
>  tunnel source interface loopback0
>  tunnel destination 192.168.200.254

> access-list 200 permit 0x6000 0x600f

> Router B
> --------

> int e0
>  ip address 192.168.200.254 255.255.255.0
>  bridge-group 1

> int loop0
>  no ip address
>  bridge-group 1
>  bridge-group 1 output-type-list 200

> int tunnel0
>  tunnel source interface loopback0
>  tunnel destination 192.168.100.254

> access-list 200 permit 0x6000 0x600f

 
 
 

1. Not routing thru vpn tunnel

I am using 2 Symantec Firewall/ VPN 100 Appliances, one at each site.

The host site has a Symantec Firewall/ VPN 100 router with a static pubic ip
address is 206.x.x.1 .  The host private ip address is 10.1.1.1  .

The remote site has a Symantec Firewall/ VPN 100 router with a  ISP provided
pubic dynamic ip address.  The remote private ip address is 10.1.2.1  .

The router makes the vpn  tunnel connection fine, but I can only ping the
host and remote gateway private IP adresses

I can ping 10.1.1.1 from the remote site and I can ping 10.1.2.1 from the
host site.   , I can not ping any other hosts or routers thru the tunnel.

I tried to setup static routes but nothing I have tried seems to work.


2. compaq 56k modem problem

3. IPsec tunnel thru NAT router

4. HELP: I need an agent to move field data in a form !!

5. Tunnels thru a filter router.

6. mysqld_multi

7. config IPX go thru IP tunnel with DES encryption

8. Book Announcement

9. IPX Tunnel thru firewall

10. PIX - VPN pass-thru & VPN tunnel simultaneously

11. Split Tunnel Blocks http through tunnel but passes http around tunnel

12. Pass all traffic thru 776M router to an ip address?