Help with GRE tunnels (will pay to get this working!)



  • Hi everyone,

    I'm completely clueless when it comes to GRE tunnels, so please bear with me…

    I am trying to protect a mail server on my network via a DDoS scrubbing service.  They have given me an IP address (call it A.A.A.A) and an internal network (10.10.10.0/30) and I've specified the IP address of my server (call it B.B.B.B) as the backend address.  I've also specified a list of ports that should be forwarded over the tunnel to the backend.

    I know that A.A.A.A and B.B.B.B can reach each other.  I tested this initially without a GRE tunnel by using their TCP proxy option.  This works, except of course I lose the original IP address, which is critical for spam filtering and access control.

    Can anyone walk me through the steps to add a GRE tunnel on my pfSense (2.1) box?  I'm assuming I not only have to create a GRE interface, but I also have to create a gateway and add a route, but I'm getting nowhere.

    I'd gladly pay a bounty to anyone who can help me get this going ASAP.



  • What service is this?