EOIP is based on the GRE protocol, and there were some GRE-related firewall fixes in 6.45. As a result (1) an invalid firewall config that used to work before the upgrade will no longer work; and (2) a new bug was introduced that incorrectly classifies GRE connection state as invalid in some cases (but workaround exists). Please read through the v6.45.1 [stable] is released!
topic for details.
PS. The use of EOIP over IPsec (as opposed to the plain IPsec) is the key here, so I edited the topic title to make it clear to everyone else.