DigitalOcean home
  • Droplets
  • Spaces
  • Kubernetes
  • Tools & Integrations
  • One-click Apps
  • API Documentation
  • Community
  • Tutorials
  • Q&A
  • Projects
  • Meetups
  • Customers
  • Pricing
  • Docs
  • Support
  • DigitalOcean home
  • Products
    • Droplets

      Scalable compute services.

    • Spaces

      Simple object storage.

    • Kubernetes

      Run managed Kubernetes clusters.

    • Tools & Integrations

      Automate your infrastructure.

    • One-click Apps

      Deploy pre-built applications.

    • API Documentation
  • Customers
  • Community
    • Community Overview

      Connect, share and learn

    • Tutorials

      DevOps and development guides

    • Questions & Answers

      Development and systems Q&A

    • Projects

      Community-built integrations

    Get Involved
    Write for DOnations
    Join us at a Meetup
    Featured Post
    An Introduction to Kubernetes

    by Justin Ellingwood

  • Pricing
  • Docs
  • Support
    • Documentation

    • Contact Support

    • Network Status

  • Home /
  • DO-I-228 /
  • New idea
23 Vote

Allow GRE packets through the firewall

Currently the DO firewall filters IP Protocol 47 (GRE) packets, which interferes with pptp vpn links. If GRE packets were added to the list, along with ICMP, IPv4 and IPv6, this would allow the use of PPTP VPNs (see e.g. https://www.digitalocean.com/community/tutorials/how-to-setup-your-own-vpn-with-pptp) and other VPNs that utilize GRE packets, such as IPSec

  • Anonymous
  • Sep 11 2018
  • Planned
Cloud Firewalls
  • Sep 11, 2018

    Admin response

    We are planning to add support to it in the near future, thanks for the feedback, it helps inform our discussions.
  • Comments (5)
  • Votes (23)
  • Attach files
  • Fredrik Yayabee commented
    28 Jul, 2020 09:49am

    If you implement support for this, can you also implement support for IPSEC passthrough (ESP-packages) at the same time? It seems reasonable that the Firewalls should allow for both IPSEC and PPTP, especially since IPSec IKEv2 is more modern and secure. There is another ides ticket specifically about this as well, with number DO-I-2955. Maybe you can implement both at the same time?

    ×

    Attachments Open full size

  • Wojciech Gebis commented
    30 Jul, 2019 08:23am


    When adding GRE support is planning?

    ×

    Attachments Open full size

  • ZeuX commented
    4 Jul, 2019 08:01pm
    We need this
    ×

    Attachments Open full size

  • Roy Breidi commented
    20 Jan, 2019 12:00am

    Also please add support for ESP (for IPsec)

    ×

    Attachments Open full size

  • ibrahim akyel commented
    9 Nov, 2018 05:26pm

    +1

     

    i can't use firewall service because of this. I have to use Ufw

    ×

    Attachments Open full size

Log in / Sign up

Identify yourself with your email address

Subscribe

You won't be notified about changes to this idea.

Related ideas

DigitalOcean home

© 2018 DigitalOcean, LLC. All rights reserved.
Proudly made in NY

  • Twitter
  • Facebook
  • Instagram
  • YouTube
  • LinkedIn
  • Glassdoor
Company
About
Leadership
Blog
Careers
Partner Network
Referral Program
Events
Press
Legal & Security
Products
Droplets
Spaces
Kubernetes
Tools & Integrations
One-click Apps
API
Pricing
Documentation
Release Notes
Community
Tutorials
Meetups
Q&A
Write for DOnations
Droplets for Demos
Hatch
Shop Swag
Research Program
Currents Research
Open Source
Support
Contact Support
FAQ
Network Status