I think you are confusing yourself. What you are trying to do is a network function, not a business function. The business might be to allow users via GRE tunnel, but to achieve this you need a network rule because there are no business functions in a GRE tunnel. Business functions are application-based etc., not protocol-based.