ipsec established, but gre tunnel not

mikruser · January 2, 2020, 7:09am

Hello,

I created GRE tunnel (with IPsec Sercret) between CCR and CHR. (6.44.6)

but GRE tunnel is inactive (not running).

how is this possible?

BartoszP · January 2, 2020, 2:00pm

Have you specified local and remote addresses of GRE on both routers?
Do you allow proper protocols to pass firewall?

mikruser · January 2, 2020, 2:10pm

>>Have you specified local and remote addresses of GRE on both routers?
Yes

>>Do you allow proper protocols to pass firewall?
Yes, full access for these addresses (without “IPsec Secret” gre-tunnel link up successfully).

I think this is a bug in ROS…

BartoszP · January 2, 2020, 2:41pm

I doubt that it is a bug. I use GRE-IPSec and IPIP-IPSec ..

yeahbunin · January 8, 2020, 3:39pm

You need to check your FWall rules

accept input traffic from your remote peer over proto 47(gre)

and proto 89(ospf) if you need

mikruser · January 9, 2020, 11:33am

yeahbunin
read my previous message

sid5632 · January 9, 2020, 3:23pm

Why don’t you just provide a config. export of both ends instead of whining?
What do you expect anybody to do without this BASIC information?