(Optional) Configuring GRE Security Options

Configuring GRE security options can improve GRE tunnel security.

Context

To enhance the security of a GRE tunnel, configure end-to-end checksum authentication or key authentication. This security mechanism can prevent the tunnel interface from incorrectly identifying and receiving packets from other devices.

Perform the following steps on the routers at two ends of a tunnel.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run interface tunnel interface-number

    The tunnel interface view is displayed.

  3. Run gre key { simple key-number-simple | [ cipher ] key-number-cipher }

    A key is set for the tunnel interface.

    If keys are set for the tunnel interfaces on the two ends of the tunnel, ensure that the keys are the same. Alternatively, you may choose not to set keys for the tunnel interfaces on both ends of the tunnel.

    • simple key-number-simple: specifies a plaintext key (integer).

    • key-number-cipher: specifies a plaintext key (integer) or a ciphertext key.

  4. Run commit

    The configuration is committed.

Parent Topic: Configuring a GRE Tunnel
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >