Fortinet black logo

CLI Reference

config system gre-tunnel

config system gre-tunnel

Configure GRE tunnel.

config system gre-tunnel

Description: Configure GRE tunnel.

edit <name>

set interface {string}

set ip-version [4|6]

set remote-gw6 {ipv6-address}

set local-gw6 {ipv6-address}

set remote-gw {ipv4-address}

set local-gw {ipv4-address-any}

set use-sdwan [disable|enable]

set sequence-number-transmission [disable|enable]

set sequence-number-reception [disable|enable]

set checksum-transmission [disable|enable]

set checksum-reception [disable|enable]

set key-outbound {integer}

set key-inbound {integer}

set dscp-copying [disable|enable]

set diffservcode {user}

set keepalive-interval {integer}

set keepalive-failtimes {integer}

next

end

config system gre-tunnel

Parameter

Description

Type

Size

Default

interface

Interface name.

string

Maximum length: 15

ip-version

IP version to use for VPN interface.

option

-

4

Option

Description

4

Use IPv4 addressing for gateways.

6

Use IPv6 addressing for gateways.

remote-gw6

IPv6 address of the remote gateway.

ipv6-address

Not Specified

::

local-gw6

IPv6 address of the local gateway.

ipv6-address

Not Specified

::

remote-gw

IP address of the remote gateway.

ipv4-address

Not Specified

0.0.0.0

local-gw

IP address of the local gateway.

ipv4-address-any

Not Specified

0.0.0.0

use-sdwan

Enable/disable use of SD-WAN to reach remote gateway.

option

-

disable

Option

Description

disable

Disable use of SD-WAN to reach remote gateway.

enable

Enable use of SD-WAN to reach remote gateway.

sequence-number-transmission *

Enable/disable including of sequence numbers in transmitted GRE packets.

option

-

disable

Option

Description

disable

Include sequence numbers in transmitted GRE packets.

enable

Do not include sequence numbers in transmitted GRE packets.

sequence-number-reception *

Enable/disable validating sequence numbers in received GRE packets.

option

-

disable

Option

Description

disable

Do not validate sequence number in received GRE packets.

enable

Validate sequence numbers in received GRE packets.

checksum-transmission *

Enable/disable including checksums in transmitted GRE packets.

option

-

disable

Option

Description

disable

Do not include checksums in transmitted GRE packets.

enable

Include checksums in transmitted GRE packets.

checksum-reception *

Enable/disable validating checksums in received GRE packets.

option

-

disable

Option

Description

disable

Do not validate checksums in received GRE packets.

enable

Validate checksums in received GRE packets.

key-outbound *

Include this key in transmitted GRE packets .

integer

Minimum value: 0 Maximum value: 4294967295

0

key-inbound *

Require received GRE packets contain this key .

integer

Minimum value: 0 Maximum value: 4294967295

0

dscp-copying

Enable/disable DSCP copying.

option

-

disable

Option

Description

disable

Disable DSCP copying.

enable

Enable DSCP copying.

diffservcode

DiffServ setting to be applied to GRE tunnel outer IP header.

user

Not Specified

keepalive-interval

Keepalive message interval .

integer

Minimum value: 0 Maximum value: 32767

0

keepalive-failtimes

Number of consecutive unreturned keepalive messages before a GRE connection is considered down .

integer

Minimum value: 1 Maximum value: 255

10

* This parameter may not exist in some models.

config system gre-tunnel

Configure GRE tunnel.

config system gre-tunnel

Description: Configure GRE tunnel.

edit <name>

set interface {string}

set ip-version [4|6]

set remote-gw6 {ipv6-address}

set local-gw6 {ipv6-address}

set remote-gw {ipv4-address}

set local-gw {ipv4-address-any}

set use-sdwan [disable|enable]

set sequence-number-transmission [disable|enable]

set sequence-number-reception [disable|enable]

set checksum-transmission [disable|enable]

set checksum-reception [disable|enable]

set key-outbound {integer}

set key-inbound {integer}

set dscp-copying [disable|enable]

set diffservcode {user}

set keepalive-interval {integer}

set keepalive-failtimes {integer}

next

end

config system gre-tunnel

Parameter

Description

Type

Size

Default

interface

Interface name.

string

Maximum length: 15

ip-version

IP version to use for VPN interface.

option

-

4

Option

Description

4

Use IPv4 addressing for gateways.

6

Use IPv6 addressing for gateways.

remote-gw6

IPv6 address of the remote gateway.

ipv6-address

Not Specified

::

local-gw6

IPv6 address of the local gateway.

ipv6-address

Not Specified

::

remote-gw

IP address of the remote gateway.

ipv4-address

Not Specified

0.0.0.0

local-gw

IP address of the local gateway.

ipv4-address-any

Not Specified

0.0.0.0

use-sdwan

Enable/disable use of SD-WAN to reach remote gateway.

option

-

disable

Option

Description

disable

Disable use of SD-WAN to reach remote gateway.

enable

Enable use of SD-WAN to reach remote gateway.

sequence-number-transmission *

Enable/disable including of sequence numbers in transmitted GRE packets.

option

-

disable

Option

Description

disable

Include sequence numbers in transmitted GRE packets.

enable

Do not include sequence numbers in transmitted GRE packets.

sequence-number-reception *

Enable/disable validating sequence numbers in received GRE packets.

option

-

disable

Option

Description

disable

Do not validate sequence number in received GRE packets.

enable

Validate sequence numbers in received GRE packets.

checksum-transmission *

Enable/disable including checksums in transmitted GRE packets.

option

-

disable

Option

Description

disable

Do not include checksums in transmitted GRE packets.

enable

Include checksums in transmitted GRE packets.

checksum-reception *

Enable/disable validating checksums in received GRE packets.

option

-

disable

Option

Description

disable

Do not validate checksums in received GRE packets.

enable

Validate checksums in received GRE packets.

key-outbound *

Include this key in transmitted GRE packets .

integer

Minimum value: 0 Maximum value: 4294967295

0

key-inbound *

Require received GRE packets contain this key .

integer

Minimum value: 0 Maximum value: 4294967295

0

dscp-copying

Enable/disable DSCP copying.

option

-

disable

Option

Description

disable

Disable DSCP copying.

enable

Enable DSCP copying.

diffservcode

DiffServ setting to be applied to GRE tunnel outer IP header.

user

Not Specified

keepalive-interval

Keepalive message interval .

integer

Minimum value: 0 Maximum value: 32767

0

keepalive-failtimes

Number of consecutive unreturned keepalive messages before a GRE connection is considered down .

integer

Minimum value: 1 Maximum value: 255

10

* This parameter may not exist in some models.