Getting started

Products concerned: SNS 4.x

Last update: February 2023

SNS firewalls can encapsulate level 2 traffic in GRE (Generic Routing Encapsulation) tunnels that rely on GRETAP interfaces. Since GRE tunnels are not natively encrypted, we strongly recommend that you secure communications by making GRE traffic go through IPsec.

By using GRE tunnels based on GRETAP interfaces, sites presenting the same address plan can be linked through a bridge. DHCP services can be shared between both sites in this way. This type of tunnel also makes it possible to transport shared VLANs between two sites, with or without filtering on these VLANs.

IMPORTANT
GRE tunnels can only be used with IPv4 in GRE over IPv4. The use of IPv6 packets in GRE tunnels, or of GRE tunnels encapsulated in IPv6, is not supported.