Hi,

Im trying to configure a GRE over IPSec connection between two subnets. The IPSec tunnel is opened and now I want to add a GRE tunnel over it:

ip tunnel add GRE01 mode gre remote 10.244.0.1 local 10.244.245.32 ttl 255
ip link set GRE01 up
ip addr add 10.244.248.126 dev GRE01
ip route add 10.244.248.125 dev GRE01

Now I have an interface GRE01 (ifconfig):

GRE10     Link encap:UNSPEC  HWaddr <h_addr>
inet addr:10.244.248.126  P-t-P:10.244.248.126  Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP  MTU:1476  Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0 
RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

And the following routes (ip route list):

10.244.248.125 dev GRE10  scope link 
<pub_subnet> dev eth0  proto kernel  scope link  src <pub_ip> 
default via <pub_gw> dev eth0  metric 100

As a last step, I need now to route my subnet over the tunnel:

ip route add 10.245.1.224/28 10.244.248.125

However, I am getting the error

Error: either "to" is duplicate, or "10.244.248.125" is a garbage.

So, what I didn't understand is why I can't route my subnet over the tunnel, once the only route I have there says that it should route the tunnel IP over the GRE01 interface. Any hint? Thanks.