I'm just trying to use the PPTP client in Windows to connect to client sites. Unfortunately it's the only protocol option available. The PPTP traffic (TCP 1723) itself passes through the firewall in both directions without issue, but the GRE inbound traffic fails and the tunnel is never negotiated.
If I had control over what protocol my clients use, I'd migrate them in a heartbeat. As is, I just want to get it working.