GRE tunnel to IP Alias. Tunnel never comes up

  • So I'm testing some things with IPSec and GRE tunnels in a test environment. I've attached a network map to this post.

    R1 has a single WAN and LAN. R1's WAN interface has two IPs.

    R2,R3, and R4 have dual WAN interfaces and a LAN interface.

    The "cloud" in the middle is just a network switch –- So the WANs are all connected to the same layer 2 network.

    Anyway, I can get a GRE tunnel to work correctly if I connect from R1, to R2, However, if I use, R1 to, R2 the GRE tunnel will never come up. I did some packet captures and it looks like R2 is sending the traffic to R1, but R1 never responds (I've checked the firewall logs and added rules, so the firewall shouldn't be blocking traffic).

    I tried this again between R1 and R3 --- Same thing, if I use the 25.X networks, it works fine. If I take the very same tunnel and use the 26.X networks, it doesn't work. R1 ignores GRE traffic from R3 and never attempts to send it GRE traffic otherwise.

    Does anyone else have GRE tunnels working where one of the endpoints is an Alias? I just wanted to confirm I'm not crazy before I file a bug report.

    I'm running PFsense 2.2 AMD64.


Log in to reply