Upgraded from 2.1 to 2.12 and now GRE doesn't work



  • Hello,

    This is odd, before the upgrade the gre tunnel between two pfsense boxes was working.  I also noticed that the firewall logs were showing block gre traffic and icmp (which I was testing connectivity), so I added those rules and now the logs are clean, but still the gre tunnel won't come up.  Things I have done to troubleshoot:  ifconfig gre0 down/up and rebooted.  I don't know what else to do. When I tried to ping the other end of the tunnel I get "ping: sendto: Network is down", when I ping the routable ip to create the tunnel I get a reply.

    Any ideas?  How can I downgrade versions?

    Thank you in advance.


  • Rebel Alliance Developer Netgate

    Downgrading isn't viable, 2.1 and 2.1.1 were vulnerable to Heartbleed so you wouldn't want to go back there.

    What does "ifconfig -a" show for the GRE interface when you're trying to use it?

    In your GUI, is the GRE interface assigned, and if so, how is it configured in the GUI?



  • I have been playing with GRE tunnels recently and I have them working fine on 2.1.2.  The only caveat is that the tunnels still need to be manually started after a reboot.  I am surprised that using 'ifconfig gre0 up' doesn't bring the tunnel up.

    Are you able to ping the tunnel endpoints?  Did something happen to any of your rules to stop allowing GRE through?  Is either firewall on a DHCP address and the address changed after the upgrade/reboot?