Recommendations on avoiding nested tunneling

Last Updated: Nov 06, 2012

Announce policy: Configure a policy rule on the receiving tunnel endpoint (router 2) that causes the receiving endpoint to block advertisements of the source network (192.68.1.0) in its routing updates. This prevents the source endpoint (router 1) from learning the route. This solution applies to nested tunneling caused by RIP. For example, using the network shown in Nested tunneling example as an illustration, configure the following policy rule on router 2 and activate it under router RIP on the matching interface:

Gxxx-001(super)# ip distribution access-list-name 1 list #1
Done!
Gxxx-001(super)# ip distribution access-default-action 1 default-action-permit
Done!
Gxxx-001(super)# ip distribution access-list 1 10 deny 192.68.1.0 0.0.0.255
Done!
Gxxx-001(super)# router rip
Gxxx-001(super router:rip)# distribution-list 1 out FastEthernet 10/3
Done!
Gxxx-001(super router:rip)# exit
Gxxx-001(super)#

Accept policy: Configure a policy rule on the source tunnel endpoint (router 1) that causes the source endpoint not to accept routing updates that include the source network (192.68.1.0). This solution applies to nested tunneling caused by RIP. For example, using the network shown in Nested tunneling example as an illustration, configure the following policy rule on router 1 and activate it under router RIP on the matching interface:

Gxxx-001(super)# ip distribution access-list-name 1 list #1
Done!
Gxxx-001(super)# ip distribution access-default-action 1 default-action-permit
Done!
Gxxx-001(super)# ip distribution access-list 1 10 deny 192.68.1.0 0.0.0.255
Done!
Gxxx-001(super)# router rip
Gxxx-001(super router:rip)# distribution-list 1 in FastEthernet 10/3
Done!
Gxxx-001(super router:rip)# exit
Gxxx-001(super)#

Static route: Configure a static route on router 1 that tells it the route for packets destined to the tunnel’s receiving endpoint (192.68.1.2). Configure this route with a high route preference. For example:

Gxxx-001(super)# ip route 192.68.1.2 255.255.0.0 192.68.1.3 high permanent
Done!
Gxxx-001(super)#
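
The following Python model is an added example, not part of the original documentation or the gateway's own code. It evaluates distribution list 1 from the announce and accept policies above (deny 192.68.1.0 0.0.0.255, default action permit) against a RIP update and shows which interface router 1 then uses to reach the tunnel's receiving endpoint. Assumptions: the update is learned over the tunnel, the interface names "Tunnel" and "FastEthernet" are simplified labels, and the base routes and the 10.20.0.0/16 prefix are constructed sample data.

```python
import ipaddress

# Distribution list 1 from the page: rule 10 denies 192.68.1.0 with wildcard
# 0.0.0.255; the list's default action is permit.
RULES = [(10, "deny", "192.68.1.0", "0.0.0.255")]
DEFAULT_ACTION = "permit"

def acl_action(network, rules=RULES, default=DEFAULT_ACTION):
    """Return 'permit' or 'deny' for an advertised network address."""
    addr = int(ipaddress.IPv4Address(network))
    for _, action, base, wildcard in sorted(rules):
        # Wildcard bits set to 1 are "don't care"; compare only the other bits.
        care = ~int(ipaddress.IPv4Address(wildcard)) & 0xFFFFFFFF
        if addr & care == int(ipaddress.IPv4Address(base)) & care:
            return action
    return default

def filter_update(update):
    """Drop denied prefixes from a RIP update given as (prefix, metric) pairs."""
    return [(p, m) for p, m in update
            if acl_action(str(ipaddress.ip_network(p).network_address)) == "permit"]

def egress(table, dest):
    """Longest-prefix match; return the outgoing interface for dest."""
    ip = ipaddress.ip_address(dest)
    best = max((r for r in table if ip in ipaddress.ip_network(r[0])),
               key=lambda r: ipaddress.ip_network(r[0]).prefixlen)
    return best[1]

def router1_table(update, filtered):
    """Router 1 table: constructed base routes plus routes learned over the tunnel."""
    base = [("192.68.0.0/16", "FastEthernet"), ("0.0.0.0/0", "FastEthernet")]
    learned = filter_update(update) if filtered else update
    return base + [(p, "Tunnel") for p, _ in learned]

# Constructed RIP update (assumption: it reaches router 1 through the tunnel).
UPDATE = [("192.68.1.0/24", 1), ("10.20.0.0/16", 2)]
TUNNEL_DEST = "192.68.1.2"  # tunnel's receiving endpoint, from the page

if __name__ == "__main__":
    for filtered in (False, True):
        out = egress(router1_table(UPDATE, filtered), TUNNEL_DEST)
        state = "nested tunneling" if out == "Tunnel" else "ok"
        print(f"filter={filtered}: {TUNNEL_DEST} leaves via {out} ({state})")
```

Without the filter, the learned 192.68.1.0/24 route sends traffic for the tunnel endpoint back into the tunnel; with the list applied, the endpoint stays reachable over the physical interface while other prefixes are still learned.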