Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

OSPF Routing how to prioritize interface vs tunnel

1. We have a 2 XGS connected via a private ISP fiber and the interfaces are LAN / GIG.

2. For resiliency we have a IPsec Tunnel interface between the same, using a disparate ISPs at each location VPN/GIG.

We have been using OSPF for all of our routing between multiple offices with Sophos XGS/FW, and it has worked well!

When I enable dynamic routing for the VPN, OSPF uses #2 Tunnel interface as the route in routing table.  #1 above should be faster and more dependable as it is an Enterprise connection w same ISP.  I want OSPF to use #1, LAN interface as primary instead of #2 tunnel.

IE: Where can I say weight of #1 Lan is 1, and weight of #2 tunnel interface is 50, or secondary, similar to how we prioritize gateways?

I realize it could be done with SD routes / policy, but since OSPF is working well I would like to stay with it.

Thanks in advance



Edited TAGs
[edited by: Erick Jan at 12:59 AM (GMT -7) on 23 May 2024]
Parents Reply Children
No Data