What | Removed | Added |
---|---|---|
CC | nice@titanic.nyme.hu |
The problem is that there is a bug in SuSEfirewall2 and if the firewall is activated, it somehow DROPS incoming GRE packages in spite the fact that we are the connection initiating client - not the server. It might be some conntrack / state issue. Adding a line to the INPUT chain seems to help: iptables -I INPUT -p gre -j ACCEPT Disabling the firewall entirely also solves the problem. However, I think the firewall should be fixed in order to allow outgoing GRE communication.