Comment # 7 on bug 917967 from Tam�s N�meth

The problem is that there is a bug in SuSEfirewall2 and if the firewall is
activated, it somehow DROPS incoming GRE packages in spite the fact that we are
the connection initiating client - not the server. It might be some conntrack /
state issue. Adding a line to the INPUT chain seems to help:

iptables -I INPUT -p gre -j ACCEPT

Disabling the firewall entirely also solves the problem. However, I think the
firewall should be fixed in order to allow outgoing GRE communication.