645M-4_GRE_app_note1.1.docx 1 of 8

GRE Tunnelling The following application note demonstrates the configuration of the ELPRO 645M-4 cellular modem utilizing the

GRE Tunnelling feature. Generic Routing Encapsulation (GRE) is a tunnelling protocol which will encapsulate a wide

variety of network layer protocols inside a point to point link. There are some benefits of using GRE in that it will

allow multicast packets to traverse across a network and the routing of multiple subnets. When using a Public

Cellular network, it is recommended that some form of security be used to protect the data from eavesdropping.

Network Example - Overview Typical network applications that GRE can be used for are Master – Slave and Point to Multipoint applications as

seen below. This application note will cover configuration for both of these examples.

Feature Overview The GRE page is used to add and delete GRE tunnels. You will need to configure a tunnel instance for each

communication link to another remote site. The ELPRO 645M-4 GRE Tunnelling configuration is located under

Services – VPN – GRE Tunnel webpage link. Enter a “New Instance Name” and press the “Add” button to create a

tunnel. You will need to configure the certain parameters based on the different network configurations and

requirements. A static Local IP Address and a Remote Cellular IP address is required to allow for the tunnel’s

automatic connection and reconnection.

645M-4_GRE_app_note1.1.docx 2 of 8

Application Example – Master – Slave’s

Central 645M-4 #1 Master to Slave Remotes

The following GRE example is performed using a Private Cellular network which prohibits Public access. Each ELPRO

645M-4 will have a static Private Cellular IP Address (10.100.1.X) and a distinct assigned LAN IP subnet address.

In order to create a point to point connection between the ELPRO 645M-4 LAN networks, we will have to define

GRE tunnels between the units. The example above demonstrates a Central ELPRO 645M-4 modem which requires

a LAN2LAN communication to two remote 645M-4 modems. In this case, two GRE tunnels will be added in the

Central Modem and one GRE Tunnel will be added in each remote 645M-4 modem.

Note: when utilising GRE Tunnels each Modems LAN must be part of different subnet along with the network

devices than will communicate via the GRE Tunnel. In this application the following LAN IP addresses are assigned

to each 645M-4 Modem,

• 645M-4 Master – 192.168.1.1

• 645M-4 #1 – 192.168.2.1

• 645M-4 #2 – 192.168.3.1

After creating the GRE tunnel instances, you will need to configure the

following parameters.

Enable: Enables the GRE Tunnel

Peer IP Address: The Peer IP address is the cellular IP address of the modem

at the other end of the tunnel, in this case the remote 645M-4 modem is

using the IP address (10.100.1.70)

Remote LAN Subnet: The remote LAN subnet, i.e. 192.168.2.0

Remote LAN Netmask: The remote LAN subnet mask, i.e. 255.255.255.0, etc.

Local Interface: Enable which interface will be used with the GRE tunnel

(default is “All”)

Local Tunnel IP: The unique IP address associated with the GRE Tunnel, (e.g.

10.0.0.1, 11.0.0.1, etc.)

Local Tunnel Mask: The Local LAN subnet mask, i.e. 255.255.255.0, etc.

You will also need to configure another GRE tunnel for the second remote.

When complete you should have two GRE tunnels configured like below.

645M-4_GRE_app_note1.1.docx 3 of 8

Remote 645M-4 #1 Slave to Master To configure the return GRE Tunnel, browse to the web interface Services – VPN – GRE Tunnel of the Remote #1

645M-4 and configure a GRE tunnel back to the Master 645M-4 modem.

The Return GRE Tunnel configuration will be very similar to the tunnel configured

in the Master only the Peer IP address, Remote LAN Subnet and Local Tunnel IP will

change.

They will need to reflect configuration parameters on the Master 645M-4 and have

a unique GRE Local Tunnel IP Address, in this case “10.0.0.2”.

645M-4_GRE_app_note1.1.docx 4 of 8

Remote 645M-4 #2 Slave to Master To set the return GRE Tunnel in the 645M-4 #2 modem, browse to Services – VPN – GRE Tunnel and configure the

GRE tunnel back to the Master 645M-4 modem.

Again, the tunnel configuration will be very similar to the GRE tunnel in Remote #1

as the Peer IP address, Remote LAN Subnet will be identical, but the Local Tunnel IP

will need to a unique IP address, i.e. in this case 11.0.0.2.

LAN2LAN Communication tests:

When the GRE tunnels are established between the ELPRO 645M-4 modems, a communication test can be done to

ensure LAN2LAN communications through GRE.

Test#1: Connect a laptop with IP address 192.168.1.100 and configure the default gateway to be that of the Master

ELPRO 645M-4 #1 modem (192.168.1.1).

Open a command prompt.

• Ping the Remote 645M-4 #1 LAN IP Address 192.168.2.1 – Pings should get a reply

• Ping the Remote 645M-4 #2 LAN IP Address 192.168.3.1 – Pings should get a reply

645M-4_GRE_app_note1.1.docx 5 of 8

Test#2: Connect a laptop with IP address 192.168.2.100 and configure the default gateway to be that of the

Remote 645M-4 #1 modem (192.168.2.1).

Open a command prompt.

• Ping the Master 645M-4 LAN IP Address – 192.168.1.1 - Pings should get a reply

Test#3: Connect a laptop with IP address 192.168.3.100 and configure the default gateway to be that of the

Remote 645M-4 #2 modem (192.168.3.1).

Open a command prompt.

• Ping the Master 645M-4 LAN IP Address – 192.168.1.1 - Pings should get a reply

Data flow will only occur via the configured GRE tunnels, you will not be able to ping between Remote 645M-4 #1

and Remote 645M-4 #2 modems as there is no GRE Tunnel configuration between the two. If communications

between all modems is required, please use the Point to Multipoint Configuration below

Common problems that can prevent data transfer beyond the modems Ethernet ports are,

• The Ethernet device connected to each 645M-4 do not have the Default Gateway address pointing to the

connected modems LAN IP address. I.e. Master 645M-4 #1 is LAN IP 192.168.1.1, Remote 645M-4 #1 is

192.168.2.1, and Remote 645M-4 #2 is 192.168.3.1.

• The Connected Ethernet device is blocking the incoming ICMP (Ping) commands (if a PC), this can be

resolved via Windows firewall by adding an Inbound Rule.

645M-4_GRE_app_note1.1.docx 6 of 8

Application Example – Point to Multipoint

645M-4 #1 to 645M-4 #2 & 645M-4 #3

Each ELPRO 645M-4 is required to have a static cellular IP Address and a distinct LAN IP subnet address.

In order to create a point to multipoint connection between the ELPRO 645M-4 LAN networks, each 645M-4 will

require having two GRE Tunnels configured to communicate LAN2LAN to each corresponding remote modem. The

example above demonstrates 645M-4 #1 modem communicating LAN2LAN to remote 645M-4 #2 & 645M-4 #3

modems.

Note: when using GRE tunnels each modem must be part of a different subnet as well as the LAN devices connected

to it. In this application the following LAN IP addresses are assigned to each 645M-4 Modem,

• 645M-4 #1 – 192.168.1.1

• 645M-4 #2 – 192.168.2.1

• 645M-4 #3 – 192.168.3.1

Browse to Services – VPN – GRE Tunnel in the ELPRO 645M-4 #1 web interface and configure two GRE tunnels, one

for each remote modem.

645M-4_GRE_app_note1.1.docx 7 of 8

645M-4 #2 to 645M-4 #1 & 645M-4 #3 To configure the GRE Tunnels from the 645M-4 #2 to 645M-4 #1 & 645M-4 #3 modems, browse to Services – VPN –

GRE Tunnel in the 645M-4 #2 web interface and configure two separate GRE tunnels, one to each remote modem.

The two GRE tunnels should look like below.

645M-4 #3 to 645M-4 #1 & 645M-4 #2 To set the GRE Tunnels from the 645M-4 #3 to 645M-4 #1 & 645M-4 #2 modems, browse to Services – VPN – GRE

Tunnel in the 645M-4 #3 web interface and configure two separate GRE tunnels, one for each remote modem.

645M-4_GRE_app_note1.1.docx 8 of 8

The two GRE tunnels should look like below.

LAN2LAN Communication tests:

When the GRE tunnels are established between the ELPRO 645M-4 modems, a communication test can be done to

ensure LAN2LAN communications through the GRE tunnels.

Test#1: Connect a laptop with IP address 192.168.1.100 and default gateway of 192.168.1.1 (645M-4 #1 LAN IP

Address) to the ELPRO 645M-4 #1 modem.

Ping the ELPRO 645M-4 #2 LAN IP Address 192.168.2.1 – Pings should get a reply

Ping the ELPRO 645M-4 #3 LAN IP Address 192.168.3.1 – Pings should reply

Test#2: Connect a laptop with IP address 192.168.2.100 and default gateway of 192.168.2.1 (645M-4 #2 LAN IP

Address) to the ELPRO 645M-4 #2 modem.

Ping the ELPRO 645M-4 #1 LAN IP Address – 192.168.1.1 - Pings should reply

Ping the ELPRO 645M-4 #3 LAN IP Address – 192.168.3.1 - Pings should reply

Test#3: Connect a laptop with IP address 192.168.3.100 and default gateway of 192.168.3.1 (645M-4 #3 LAN IP

Address) to the ELPRO 645M-4 #3 modem.

Ping the ELPRO 645M-4 #1 LAN IP Address –192.168.1.1 - Pings should reply

Ping the ELPRO 645M-4 #2 LAN IP Address –192.168.2.1 - Pings should reply