Manualshelf

User manual

ManualsBrandsSecure Computing ManualsSecurity CamerasSG570
111112113114115116117118119120
GRE Tunnel Name: to_slough
Remote External Address: 10.254.0.1
Local External Address: 10.254.0.2
Firewall Class: LAN
Click Finish to add the interface. Edit the bridge interface that you added at the
beginning of these steps. Check Bridged for the GRE interface you have just added,
and select a Firewall Class of LAN. Click Finish.
At the Slough end, click Packet Filtering, click the Custom Firewall Rules, tab and add
this custom firewall rule:
iptables -I OUTPUT ! -o IPSec+ -d 10.254.0.2 -j DROP
Click Update.
At the Brisbane end, click Packet Filtering, click the Custom Firewall Rules tab, and
add this custom firewall rule:
iptables -I OUTPUT ! -o IPSec+ -d 10.254.0.1 -j DROP
Click Update.
GRE troubleshooting
Symptom: Cannot ping a host on the other side of the GRE tunnel.
Ensure that there is a route set up on the GRE tunnel to the remote network.
Ensure that there is a route on the remote GRE endpoint to the network at this end of
the GRE tunnel.
Check that there is a GRE interface created on the device. To do this, go into
Advanced Networking and scroll to the bottom. There should be an interface called
greX. greX is the same as the Interface Name specified in the table of current GRE
tunnels.
Also ensure that the required routes have been set up on the GRE interface. This
might not occur if you have the same route specified on different GRE tunnels, or on
different network interfaces.
Ensure that the remote GRE endpoint is reacheable. Do this by using the ping utility
on the Advanced Networking page.
Symptom: Cannot ping the remote GRE end point.
105
Network Setup