Register now or log in to join your professional community.
GRE is like a virtual interface, so any packet that would be routed out this interface will be completely wrapped into a new packet. This packet would prepend a GRE header and a NEW IP header and the source IP of whatever interface that it used to egress the router. This interface handles multicasts as one would expect.
IPSec on the other hand is a suite of protocols that we put together to achieve a goal. This goal is to enforce a policy. IPSec does not really support multicast in and of itself. Now there are ways around this. For example, we might decide that we wish to encrypt the GRE packet that we created above. In that case, we might add an ESP header in the above mix. In that case, multicast would still work, but we are only encrypting a unicast packet from the perspective of IPSEC (or more specifically the ESP protocol). Your question with GRE is specific.