Is the configuration for OSPF over the new Central SD-WAN VPN's the same as previous configurations as per the links below? Do we still need GRE Tunnels?
https://support.sophos.com/support/s/article/KB-000038014?language=en_US
Is the configuration for OSPF over the new Central SD-WAN VPN's the same as previous configurations as per the links below? Do we still need GRE Tunnels?
https://support.sophos.com/support/s/article/KB-000038014?language=en_US
Hey Doug,
No, We don't need GRE anymore. Central SD-WAN VPN orchestration adds Route-Based VPN tunnels on each end, Custom gateways, and SD-WAN policy routes.
RB IPSec supports multicast traffic over the tunnel. Earlier we needed GRE because Policy-Based IPSec doesn't support multicast over the tunnel which OSPF uses to share route updates(LSAs).
Ensure to enable 'Dynamic Routing' on the VPN zone [Administration > Device Access] if you configure. ;)
Hey Doug,
No, We don't need GRE anymore. Central SD-WAN VPN orchestration adds Route-Based VPN tunnels on each end, Custom gateways, and SD-WAN policy routes.
RB IPSec supports multicast traffic over the tunnel. Earlier we needed GRE because Policy-Based IPSec doesn't support multicast over the tunnel which OSPF uses to share route updates(LSAs).
Ensure to enable 'Dynamic Routing' on the VPN zone [Administration > Device Access] if you configure. ;)