24 Apr
2018
24 Apr
'18
10:36 p.m.
On Tue, 2018-04-24 at 14:18 -0400, Adam Tauno Williams wrote:
I am attempting to setup an IPSec protected GRE tunnel with a Cisco router. I believe the IPSec association is up, however I cannot move traffic over the tunnel. It is not clear how to integrate the tunnel interface (gre1) with firewall-cmd; adding the interface to trusted does not appear to 'stick'.
While I cannot reference the interface in a firewall rule I have been able to get the tunnel operational using:
firewall-cmd --direct --add-rule ipv4 filter INPUT 0 -p gre -j ACCEPT