Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
simonz_FTNT
Staff
Staff

Created on ‎03-26-2020 01:41 AM

Technical Tip: GRE only tunnel over loopback interface

Description
This article describes issue with GRE tunnel using loopback interface.

Solution
Additional to that, when using loopback interface for GRE tunnel, specify loopback interface under GRE setting is not needed as below:

FortiGate 1 using loopback interface
=========================
# config system gre-tunnel
    edit "fgt2”
        set remote-gw 10.56.240.119
        set local-gw 10.11.0.1
    next
end

# config system interface
    edit "loopback"
        set vdom "root"
        set ip 10.11.0.1 255.255.255.255
        set allowaccess ping
        set type loopback
        set snmp-index 13
    next
end
FortiGate 2 setting
==========
# config system gre-tunnel
    edit "fgt1"
        set interface "port1"
        set remote-gw 10.11.0.1
        set local-gw 10.56.240.119
    next
end

# config system interface
    edit "port1"
        set vdom "root"
        set ip 10.56.240.119 255.255.252.0
        set allowaccess ping https ssh http telnet fgfm
        set type physical
        set snmp-index 1
    next
end

Related Articles

Technical Note : Configuring and verifying a GRE tunnel between two FortiGates (static routing)

Labels:
1075
0 Kudos
Contributors

Contact Us