Hello, this is my first time here.
The problem I have is that the firewall is somehow blocking the tunnel when ID != 0. When tunnel-id = 0, it works perfectly and needs no modifications. When tunnel-id != 0 (1, 2, 3 or whatever), it works only when I disable the firewall default configuration (chain=input action=drop in-interface=ether1-gateway log=no log-prefix="").
My hardware is an RB750Gr2 with version 6.35.2 (updated from 6.28). I use the default configuration after a reset. What are we doing wrong?
Solutions were given there, not specifically, but they are there. I don’t know why ID 0 passes through, but the default configuration has a rule order like this for input. If indeed ID 0 passes through the default firewall, then there is a bug that needs to be reported to MikroTik, just not the bug you were thinking it was.
1.) Accept established and related connections
2.) Drop invalid connections
3.) Accept new connections from LAN
4.) Drop everything else.
EoIP is based on GRE, so you need to allow that communication on both routers in the firewall for the tunnel to be built and established properly. Build your input chain firewall to be something like this. Otherwise new connections coming in from the outside world are ignored.
1.) Accept established and related connections
2.) Drop invalid connections
3.) Accept protocol GRE from known IP addresses
4.) Accept new connections from known sources (an IP list of known management locations)
5.) Accept new from the LAN ports (assuming you want to allow LAN users to access the MikroTik)
6.) Drop everything else
You need to explicitly allow the traffic that you want, because with the default configuration the MikroTik drops all communications from the outside world, which is a very good thing.
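The six-step input chain from the reply above, written out as RouterOS v6 firewall commands. This is an added example, not part of the original posts; the two addresses and the LAN interface name `bridge-local` are placeholder assumptions to replace with your own values.

```routeros
# Added example, not from the original thread.
# Assumed placeholders (replace before use):
#   192.0.2.10       public IP of the remote EoIP endpoint
#   198.51.100.0/24  network you manage the router from
#   bridge-local     name of the LAN-side interface

/ip firewall address-list
add list=eoip-peers address=192.0.2.10 comment="remote EoIP endpoint (placeholder)"
add list=mgmt address=198.51.100.0/24 comment="management locations (placeholder)"

/ip firewall filter
# 1.) Accept established and related connections
add chain=input action=accept connection-state=established,related
# 2.) Drop invalid connections
add chain=input action=drop connection-state=invalid
# 3.) Accept protocol GRE (the EoIP transport) only from known peers
add chain=input action=accept protocol=gre src-address-list=eoip-peers
# 4.) Accept new connections from known management sources
add chain=input action=accept connection-state=new src-address-list=mgmt
# 5.) Accept new connections from the LAN side
add chain=input action=accept connection-state=new in-interface=bridge-local
# 6.) Drop everything else
add chain=input action=drop
```

Rules are matched top to bottom, so on a router that still carries the default rules the GRE accept has to sit above the existing `action=drop in-interface=ether1-gateway` rule; check the order with `/ip firewall filter print`. Apply the same GRE rule on the router at the other end of the tunnel, with that router's peer address in the list.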