Doubt questions about the gre protocol
I use Fedora 38, DE Bnome 44.1
1 - What does the gre protocol do?
2 - Please explain to me in detail what is its function and if activating it, the system becomes susceptible to invasion attempts?
3 - To access the company’s VPN I use the command script:
sudo firewall-cmd --add-protocol=gre
It displays the success message, after that I click on the VPN button and it works, it stays active, but every time I have to do this. I want to know how to transform the script to make this script permanent and I don’t need to type this command escript every time I turn on the computer that I informed in the paragraphs above?
I tried using this command:
sudo firewall-cmd --permanent --add-protocol=gre
But it shows this error below:
usage: 'firewall-cmd --help' for usage information or see firewall-cmd(1) man page
firewall-cmd: error: unrecognized arguments: –add-protocol=gre
To leave it permanent and I don’t need to access the Linux bash terminal every time I want to enter the VPN, I want to automate the command and leave it permanent so I don’t need it every time I want to access the VPN having to type in the bash terminal the gre protocol activation command to activate the VPN.
That the VPN is only active while the machine is not shut down, after shutting down the machine and returning, when clicking on the VPN button it does not activate and fails, I need help, please, to execute a command to make the gre protocol permanent and I need to access the VPN just by activating it by clicking on the button and not needing to activate the VPN by script code command through the terminal.
The gre protocol is the most simple protocol to make a direct connection from host/network A to host/network B tunneled over network C, e.g. the internet. For security, you can specify two keys.
You create a packet from A/gre-IP to B/gre-IP and add an IP header from A/internet to B/internet, that’s it. The receiver strips off the additional IP header and finds your original packet.
There is no encryption, so if someone is able to catch the communication on C, he can follow it and enter your network. For connection to company it seems for me, but I’m just an user and not an IT specialist, unacceptable. For this purpose, I would consider to use OpenVPN or Wireguard for encryption and security,
Thanks for the help, the gre protocol script is working in permanent mode, now I activate the VPN with a click of the button, without the need to keep typing the gre protocol activation command script every time I need to access the VPN .