1. We have a 2 XGS connected via a private ISP fiber and the interfaces are LAN / GIG.
2. For resiliency we have a IPsec Tunnel interface between the same, using a disparate ISPs at each location VPN/GIG.
We have been using OSPF for all of our routing between multiple offices with Sophos XGS/FW, and it has worked well!
When I enable dynamic routing for the VPN, OSPF uses #2 Tunnel interface as the route in routing table. #1 above should be faster and more dependable as it is an Enterprise connection w same ISP. I want OSPF to use #1, LAN interface as primary instead of #2 tunnel.
IE: Where can I say weight of #1 Lan is 1, and weight of #2 tunnel interface is 50, or secondary, similar to how we prioritize gateways?
I realize it could be done with SD routes / policy, but since OSPF is working well I would like to stay with it.
Thanks in advance
Edited TAGs
[edited by: Erick Jan at 12:59 AM (GMT -7) on 23 May 2024]
