gre tunnel setup guide

  • 1
  • Question
  • Updated 1 year ago
I try to setup a gre tunnel between two AP130 in one user profile, I just setup one AP's IP in dest address and another one in source IP and auto-generate password and complete update two APs

When I use debug to show gre-tunnel, it show nothing and I cannot see my gre tunnel work or not.

Could anyone give sone heps?
Photo of Bin Yu

Bin Yu

  • 24 Posts
  • 0 Reply Likes

Posted 3 years ago

  • 1
Photo of John Fielding

John Fielding

  • 12 Posts
  • 0 Reply Likes
I assume no-one ever responded to this? I am experiencing precisely the same issue.
Checked all the usual suspect make sure GRE is supported on the firewall, ensure IP protocol 47 and UDP 3000 and 3002 are open on the firewall in BOTH directions.
I think your problem Bin Yu is that you are trying to use two AP130's. The AP130 will not act as a tunnel terminator, I believe you require a "300" series device to achieve this.
Is there a known problem trying to get the guest GRE to work on later version of HiveOS???? i.e. 6.5r4 onwards??
Photo of BJ

BJ, Champ

  • 374 Posts
  • 45 Reply Likes
I am running a GRE tunnel between two AP230s running 6.5r4. I can't attest to the 130s, but it seems like it should work. Are the two endpoints on the same network policy?

Best,
BJ 
Photo of John Fielding

John Fielding

  • 12 Posts
  • 0 Reply Likes
Hi BJ,
Actually forced the AP130's to boot from an earlier image (6.5r4) rather than the 6.8r1 they were running, re-booted them and the GRE tunnel came straight up..
Photo of Jodokus,Kasper

Jodokus,Kasper

  • 2 Posts
  • 0 Reply Likes
Hi is there a
gre tunnel setup guide available to download?

Regards
Jodo
Photo of Crowdie

Crowdie, Champ

  • 972 Posts
  • 272 Reply Likes
Is that for an AP to AP or AP to CVG tunnel?
Photo of Jodokus,Kasper

Jodokus,Kasper

  • 2 Posts
  • 0 Reply Likes
Hi, thats AP to AP GRE Tunnel!
Photo of Crowdie

Crowdie, Champ

  • 972 Posts
  • 272 Reply Likes
To configure an AP to AP identity based GRE tunnel:
  1. Click on the "Configuration" menu
  2. Select "User Profiles" on the left hand pane
  3. Select the user profile you want to GRE tunnel
  4. Expand the "GRE Tunnels" section
  5. Select "GRE tunnel for roaming or station isolation"
  6. Click on the "+" icon next to the "Tunnel Policy" drop down menu
  7. In the new "Tunnel Policies" screen enter the tunnel name and description.
  8. Select "Enable Static Identity-Based Tunnels"
  9. In the "Tunnel Destination" area select the access point to act as the terminator (destination).  You may need to create this as an IP Object (Configuration -> Advanced Configuration -> IP Objects/Host Names or just click on the "+" icon)
  10. In the "Tunnel Source IPs or Subnets" select the access point(s) to act as the sources.  
  11. Click on the "Generate" button in the "Tunnel Authentication" area.
  12. Click on the "Save" button
  13. Click on the "Save" button again
  14. Update the source and destination access points.

Notes:
  • As the tunneling is per user profile you may need to repeat steps 3 to 5 and select the same tunnel policy each time.
  • The source and destination access points must be in the same network policy.
(Edited)