You will need to allow GRE traffic on your router to be passed to the local machine. This is pretty easy with an EdgeMAX router.
$PUBLIC_IP - your local public IP address (https://ipv4.icanhazip.com)
$LAN_IP - your machines local LAN IP (
$REMOTE_IP - IP address of the remote Linux server you are tunneling to
If your local network uses the
192.168.0.x subnet, be sure to change it to something else like
Run this once:
net.ipv4.conf.all.proxy_arp=1 are enabled and
net.ipv4.conf.all.rp_filter=0 is off.
Using a GRE tunnel instead of SSH/OpenVPN allows for the remote IP addresses to show up correctly instead of localhost or the tunnel IP.
I’ve had issues where the GRE tunnel times out or disconnects causing the tunnel to stop functioning. I’m not sure what the cause is and it could be an issue with the remote server.
Inbound Interface: Internet facing interface
Translations Address: Local LAN IP
Src Address: Remote server
The tunnel appears to become unreachable after a certain amount of time when no data is being passed between the ends. Any
iptables forward rules will not reach the destination in this case. I could not find any information about setting a keepalive variable in the interfaces file for Debian. So, the easiest thing is to setup a systemd service with a ping interval of 5 seconds.