DMVPN routing fails but GRE overlay responds to pings - DMVPN-routing-fails-but-GRE-overlay-responds-to-pings/DMVPN-routing-fails-but-GRE-overlay-responds-to-pings

• DMVPN appears to be configured correctly but networks that have routes do not respond to ping requests.

• Cradlepoint router as HUB or Spoke device.

• Zone Firewall will block the traffic because the GRE tunnel is an interface accessing the different zones on the router. 

• Add GRE tunnel to Zone Firewall and allow traffic.

1. Within Router UI navigate to Security>Zone Firewall>Zone Definition
2. Create a new zone. 
3. Within the popup window;
   • Select Add
   • Name the zone GRE
   • From devices select, Add
   • Within Interfaces, select GRE (leave the remaining selection default, Config Name, is, Any)
   • Save and exit
4. Within Router UI navigate to: Security>Zone Firewall>Zone Forwarding
5. Add forwarding for the Primary Lan, GRE, and Router Zones shown below. 

• GRE - Primary LAN Allow all.
• Primary LAN - GRE Allow all.
• Router - GRE Allow all.
• GRE - Router allow all.