Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 9 replies
  • Answers 2 answers
  • Subscribers 28 subscribers
  • Views 592 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

GRE Tunnel as SD-WAN Gateway

Jasmin Karaji

Hi

I have configured a GRE tunnel between two Sophos Firewalls and it works fine and I am able to ping both GRE tunnel IPs from other side. I am trying to add GRE tunnel IP address of other side as SD-WAN Gateway so I could route traffic by SDWAN rules instead of GRE routes. But as soon as I add gateway in one side, GRE tunnel disconnects.

I have done the same configuration on SFOS 18.5.2 in the past and I'm sure it definitely works.

Regards

Farshid



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to Vivek Jagad

    Thank you for your answer but I don't know how this guide help mw with this issue. Maybe, I should explain it better.

    I have two firewall and I want to create a GRE tunnel between them. I used following commands to create the tunnel:

    Sophos Firewall 1> system gre tunnel add name gre1 local-gw Port2 remote-gw E.F.G.H local-ip 192.168.32.1 remote-ip 192.168.32.2

    Sophos Firewall 2> system gre tunnel add name gre1 local-gw Port2 remote-gw A.B.C.D local-ip 192.168.32.2 remote-ip 192.168.32.1

    GRE tunnel establishes successfully and I can ping 192.168.32.2 from Sophos Firewall 1 and vice versa.

    Next logical step would be creating GRE routes using "system gre route" command on both firewalls but I need to use SDWAN rules to route traffic between two sites to have more control and also to have failover ability on GRE tunnels. So I add a SDWAN gateway from Routing > Gateways

     As soon as I create this gateway on firewall, I cannot ping 192.168.32.1 on the same firewall any more. Here is the packet capture result in same firewall. ICMP request exists from firewall from GRE interface with GRE interface source IP address but it never reaches the destination.

    As I mentioned my original post, I have configured same scenario on another project that had a Sophos Firewall with SFOS 18.5.2 MR2 and it worked successfully.

    Can anyone help me with this issue? 

    Regards

    Farshid

Unfiltered HTML