Fortinet black logo

CLI Reference

config system gre-tunnel

config system gre-tunnel

Configure GRE tunnel.

config system gre-tunnel
    Description: Configure GRE tunnel.
    edit <name>
        set auto-asic-offload [enable|disable]
        set checksum-reception [disable|enable]
        set checksum-transmission [disable|enable]
        set diffservcode {user}
        set dscp-copying [disable|enable]
        set interface {string}
        set ip-version [4|6]
        set keepalive-failtimes {integer}
        set keepalive-interval {integer}
        set key-inbound {integer}
        set key-outbound {integer}
        set local-gw {ipv4-address-any}
        set local-gw6 {ipv6-address}
        set remote-gw {ipv4-address}
        set remote-gw6 {ipv6-address}
        set sequence-number-reception [disable|enable]
        set sequence-number-transmission [disable|enable]
        set use-sdwan [disable|enable]
    next
end

config system gre-tunnel

Parameter

Description

Type

Size

Default

auto-asic-offload *

Enable/disable automatic ASIC offloading.

option

-

enable

Option

Description

enable

Enable automatic ASIC offloading.

disable

Disable automatic ASIC offloading.

checksum-reception *

Enable/disable validating checksums in received GRE packets.

option

-

disable

Option

Description

disable

Do not validate checksums in received GRE packets.

enable

Validate checksums in received GRE packets.

checksum-transmission *

Enable/disable including checksums in transmitted GRE packets.

option

-

disable

Option

Description

disable

Do not include checksums in transmitted GRE packets.

enable

Include checksums in transmitted GRE packets.

diffservcode

DiffServ setting to be applied to GRE tunnel outer IP header.

user

Not Specified

dscp-copying

Enable/disable DSCP copying.

option

-

disable

Option

Description

disable

Disable DSCP copying.

enable

Enable DSCP copying.

interface

Interface name.

string

Maximum length: 15

ip-version

IP version to use for VPN interface.

option

-

4

Option

Description

4

Use IPv4 addressing for gateways.

6

Use IPv6 addressing for gateways.

keepalive-failtimes

Number of consecutive unreturned keepalive messages before a GRE connection is considered down.

integer

Minimum value: 1 Maximum value: 255

10

keepalive-interval

Keepalive message interval.

integer

Minimum value: 0 Maximum value: 32767

0

key-inbound *

Require received GRE packets contain this key.

integer

Minimum value: 0 Maximum value: 4294967295

0

key-outbound *

Include this key in transmitted GRE packets.

integer

Minimum value: 0 Maximum value: 4294967295

0

local-gw

IP address of the local gateway.

ipv4-address-any

Not Specified

0.0.0.0

local-gw6

IPv6 address of the local gateway.

ipv6-address

Not Specified

::

name

Tunnel name.

string

Maximum length: 15

remote-gw

IP address of the remote gateway.

ipv4-address

Not Specified

0.0.0.0

remote-gw6

IPv6 address of the remote gateway.

ipv6-address

Not Specified

::

sequence-number-reception *

Enable/disable validating sequence numbers in received GRE packets.

option

-

disable

Option

Description

disable

Do not validate sequence number in received GRE packets.

enable

Validate sequence numbers in received GRE packets.

sequence-number-transmission *

Enable/disable including of sequence numbers in transmitted GRE packets.

option

-

disable

Option

Description

disable

Include sequence numbers in transmitted GRE packets.

enable

Do not include sequence numbers in transmitted GRE packets.

use-sdwan

Enable/disable use of SD-WAN to reach remote gateway.

option

-

disable

Option

Description

disable

Disable use of SD-WAN to reach remote gateway.

enable

Enable use of SD-WAN to reach remote gateway.

* This parameter may not exist in some models.

config system gre-tunnel

Configure GRE tunnel.

config system gre-tunnel
    Description: Configure GRE tunnel.
    edit <name>
        set auto-asic-offload [enable|disable]
        set checksum-reception [disable|enable]
        set checksum-transmission [disable|enable]
        set diffservcode {user}
        set dscp-copying [disable|enable]
        set interface {string}
        set ip-version [4|6]
        set keepalive-failtimes {integer}
        set keepalive-interval {integer}
        set key-inbound {integer}
        set key-outbound {integer}
        set local-gw {ipv4-address-any}
        set local-gw6 {ipv6-address}
        set remote-gw {ipv4-address}
        set remote-gw6 {ipv6-address}
        set sequence-number-reception [disable|enable]
        set sequence-number-transmission [disable|enable]
        set use-sdwan [disable|enable]
    next
end

config system gre-tunnel

Parameter

Description

Type

Size

Default

auto-asic-offload *

Enable/disable automatic ASIC offloading.

option

-

enable

Option

Description

enable

Enable automatic ASIC offloading.

disable

Disable automatic ASIC offloading.

checksum-reception *

Enable/disable validating checksums in received GRE packets.

option

-

disable

Option

Description

disable

Do not validate checksums in received GRE packets.

enable

Validate checksums in received GRE packets.

checksum-transmission *

Enable/disable including checksums in transmitted GRE packets.

option

-

disable

Option

Description

disable

Do not include checksums in transmitted GRE packets.

enable

Include checksums in transmitted GRE packets.

diffservcode

DiffServ setting to be applied to GRE tunnel outer IP header.

user

Not Specified

dscp-copying

Enable/disable DSCP copying.

option

-

disable

Option

Description

disable

Disable DSCP copying.

enable

Enable DSCP copying.

interface

Interface name.

string

Maximum length: 15

ip-version

IP version to use for VPN interface.

option

-

4

Option

Description

4

Use IPv4 addressing for gateways.

6

Use IPv6 addressing for gateways.

keepalive-failtimes

Number of consecutive unreturned keepalive messages before a GRE connection is considered down.

integer

Minimum value: 1 Maximum value: 255

10

keepalive-interval

Keepalive message interval.

integer

Minimum value: 0 Maximum value: 32767

0

key-inbound *

Require received GRE packets contain this key.

integer

Minimum value: 0 Maximum value: 4294967295

0

key-outbound *

Include this key in transmitted GRE packets.

integer

Minimum value: 0 Maximum value: 4294967295

0

local-gw

IP address of the local gateway.

ipv4-address-any

Not Specified

0.0.0.0

local-gw6

IPv6 address of the local gateway.

ipv6-address

Not Specified

::

name

Tunnel name.

string

Maximum length: 15

remote-gw

IP address of the remote gateway.

ipv4-address

Not Specified

0.0.0.0

remote-gw6

IPv6 address of the remote gateway.

ipv6-address

Not Specified

::

sequence-number-reception *

Enable/disable validating sequence numbers in received GRE packets.

option

-

disable

Option

Description

disable

Do not validate sequence number in received GRE packets.

enable

Validate sequence numbers in received GRE packets.

sequence-number-transmission *

Enable/disable including of sequence numbers in transmitted GRE packets.

option

-

disable

Option

Description

disable

Include sequence numbers in transmitted GRE packets.

enable

Do not include sequence numbers in transmitted GRE packets.

use-sdwan

Enable/disable use of SD-WAN to reach remote gateway.

option

-

disable

Option

Description

disable

Disable use of SD-WAN to reach remote gateway.

enable

Enable use of SD-WAN to reach remote gateway.

* This parameter may not exist in some models.