Creating the GRETAP interface

On each firewall that is part of the GRETAP tunnel, in Configuration > Network > Interfaces:

1. Click on Add.
2. Select GRETAP interface.
   The configuration window of the interface appears.
3. In General configuration > General settings:
   • Assign a Name to the GRETAP interface (gretap_FW in the example).
   • In the This interface is field, select Internal (protected).
4. In the General configuration tab > GRETAP tunnel addresses:
   • Tunnel source: select the physical interface that GRE traffic will pass through on its way out of the firewall. In the example shown, this will be the Firewall_out interface.
   • Tunnel destination: select an object bearing the public IP address of the remote firewall (Remote_FW in the example).
5. In General configuration > Address range:
   • Select Address range inherited from the bridge,
   • Next, select the Bridge to which the interface must be connected.
     This can be a bridge generated by the default configuration or a bridge created for this purpose.
   NOTES

   • Bridges cannot be created in the GRETAP interface creation wizard.
   • It is possible to not select any bridge for the GRETAP interface by forcing the status of the interface to OFF. The interface can then be enabled later by moving it to a bridge.
6. Click on Apply to confirm the creation of the GRETAP interface.