IPSEC OVER GRE的配置：

IPSEC OVER GRE的配置：


1.建立一个GRE的接口：
interface Tunnel0
ip address 172.16.1.2 255.255.255.0
source 200.1.1.2
detination 200.1.1.3
2.建立IPsec的IKE的Proposal
ike proposal 1
ipsec proposal 1
3配置IKE的peer
ike peer r3
 pre-shared-key 123456
 remote-address 172.16.1.1
 local-address 172.16.1.10
4配置IPsecDE POLICY
ipsec policy test isakmp
security acl 3000
5.配置分离隧道：
acl 3000
rule permit ip source 192.168.1.0 0.0.0.0 destination 192.168.3.0 0.0.0.0


6.配置访问VPN私网的数据走Tunnel接口：
ip route-static 192.168.3.0 0.0.0.0 tunnel0
7.将IPsec的policy应用到Tunnel接口
interface tunnel0
   ipsec policy test