[j-nsp] building a gre tunnel between two juniper boxes (one behind a NAT)
Jonathan Lassoff
jof at thejof.com
Fri Jan 28 19:18:53 EST 2011
On Fri, Jan 28, 2011 at 4:02 PM, Simon Chen <simonchennj at gmail.com> wrote:
> Hi all,
>
> This might be a stupid question...
>
> I am trying to configure a GRE tunnel between two Juniper routers. One
> is connecting to the Internet with a public IP, the other one is
> unfortunately behind a broadband router --- this is a temporary setup,
> but I need to get it to work...
Unfortunately, since GRE is an IP protocol, it requires having two IPs
on the endpoints that can route directly to one another, or in your
case a NAT router that can support forwarding IP protocol 47 to your
NATed endpoint.
> What is my best option to build a GRE tunnel betweent these two
> routers? I am not sure if GRE would still work if one side is behind a
> NAT. I can potentially make the second router into DMZ, but it must
> run a dhcp client, which I don't think it's there...
JunOS has a DHCP client, just set the "dhcp" option under your iff
(interface .... family ....) interface and any associated options that
you'd like.
Cheers,
jof
More information about the juniper-nsp
mailing list