You must complete these tasks to configure GRE over IPsec:
-
Configure a GRE tunnel for the traffic that you want to secure.
-
Configure an IKEv1 policy, if desired. You can also use manual key configuration.
-
Create an IPsec proposal with tunnel or transport mode. You can use an existing proposal.
-
Create an IPsec policy with these settings:
-
For the traffic selector:
-
Key Exchange Method = Auto (with IKEv1) or Manual.
-
Proposal = the IPsec proposal that you created in step 3
Configure other settings as you choose.
-
Configure firewall access policies to allow the traffic.
-
Configure a static route for the VPN traffic, if necessary.


|