Unencrypted GRE Tunnels

Needs the ability to create unencrypted GRE tunnels.

DDoS is becoming more of an issue in todays world. The larger cloud based DDoS mitigation providers (Akamai and Cloudflare to name a few) use GRE tunnels from their cloud to facilitate services. Currently there is no way to implement these connections on a WatchGuard appliance.

This leaves 3 options, purchase expensive dedicated connections, find sub optimal DDoS providers or move away from Watchguard products to another Firewall vendor. Replacing the WatchGuards is seen as the easiest and lowest friction option.

The ability to create a GRE tunnel exists already, just not without layering encryption over it. This has to be a simple fix from a development perspective and has a strong business case to prevent users of enterprise appliances migrating away.

Comments

  • james.carsonjames.carson Moderator, WatchGuard Representative

    Hi @RyanLeighton

    If you haven't done so already, I'd suggest creating a support case with the requirements you'd need for such a feature. We can get a feature request set up based on that and assign it to your case (which we're not able to do here in the forums.)

    [You can create a case by clicking the support center link at the top right of this page. If you'd prefer to work online, just select 'online update' when you create the case.]

    If you've already made a case, if you can please reply here with the case number, and I can go and check to ensure it's sent/escalated to the correct team to handle that kind of request.

    Thank you!

    -James Carson
    WatchGuard Customer Support

  • Hi James,

    Please see ticket:
    Case - 01380893

    Regards,

    Ryan

  • james.carsonjames.carson Moderator, WatchGuard Representative

    @RyanLeighton I'll get that request sent to the correct team. Thank you!

    -James Carson
    WatchGuard Customer Support

  • This would be amazing to have!

  • +1 same feature request!!

  • james.carsonjames.carson Moderator, WatchGuard Representative

    Hi @Alessandro_Burati
    Feature request FBX-21224 was created last year for Ryan -- if you'd like to follow that request, please create a support case and mention FBX-21224 somewhere in it. The tech that takes your case can set it up to do that for you.

    -James Carson
    WatchGuard Customer Support

  • Is this still not a thing in the Watchguard world?

    Has anyone had success with any DDoS vendors and Watchguard at all?

  • Anyone heard anything at all?

    We are just about to embark on using Cloudflare and may have to move away from Watchguard sadly!
  • Came across this issue today. Please implement this feature.

  • james.carsonjames.carson Moderator, WatchGuard Representative

    @LeeArmstrong
    The current status of this request is that it's something that the firebox team may add in the future, but it is not currently on the release roadmap.

    To you and others: If you would like this as a feature, I would suggest opening a support case and mention FBX-21224 in your case.
    If you are a partner, I would suggest mentioning this to your WatchGuard Sales rep.

    -James Carson
    WatchGuard Customer Support

Sign In to comment.