Allow GRE packets through the firewall

Currently the DO firewall filters IP Protocol 47 (GRE) packets, which interferes with pptp vpn links. If GRE packets were added to the list, along with ICMP, IPv4 and IPv6, this would allow the use of PPTP VPNs (see e.g. https://www.digitalocean.com/community/tutorials/how-to-setup-your-own-vpn-with-pptp) and other VPNs that utilize GRE packets, such as IPSec

Anonymous

Sep 11 2018

Planned

Sep 11, 2018

Admin response

We are planning to add support to it in the near future, thanks for the feedback, it helps inform our discussions.

Comments (5)
Votes (21)

Attach files

Enter a subject
Fredrik Yayabee commented

28 Jul 09:49am

If you implement support for this, can you also implement support for IPSEC passthrough (ESP-packages) at the same time? It seems reasonable that the Firewalls should allow for both IPSEC and PPTP, especially since IPSec IKEv2 is more modern and secure. There is another ides ticket specifically about this as well, with number DO-I-2955. Maybe you can implement both at the same time?

×
Attachments Open full size
Wojciech Gebis commented

30 Jul, 2019 08:23am

When adding GRE support is planning?

×
Attachments Open full size
ZeuX commented

4 Jul, 2019 08:01pm
```
We need this
```
×
Attachments Open full size
Roy Breidi commented

20 Jan, 2019 12:00am

Also please add support for ESP (for IPsec)

×
Attachments Open full size
ibrahim akyel commented

9 Nov, 2018 05:26pm

+1

i can't use firewall service because of this. I have to use Ufw

×
Attachments Open full size

Allow GRE packets through the firewall

Admin response

Attachments Open full size

Attachments Open full size

Attachments Open full size

Attachments Open full size

Attachments Open full size

Identify yourself with your email address

Related ideas