This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

IPsec, OSPF and RED Tunnels

Hello,

 

                 I wanted to share some information for those of you that are looking to build OSPF network via RED Tunnels and might currently still have IPsec in play. If you have IPec tunnels built to sites that have RED tunnels that are in use with OSPF. The IPsec tunnels will always win and the traffic will pass over the IPsec connection instead of flowing through the RED tunnel. I believe that this is because a "silent" metric is with IPsec that makes the UTM. Also if you use OSPF make sure that if you want remote sites to use their own WAN gateway for non-OSPF related routes that the metric of the interface is set to 1. otherwise remote sites will push all traffic to the ASBR. I hope this helps folks and I am currently building a multi-area OSPF network with 26 UTMs ranging from the 105 series to the 230 so if I find more information that I can pass along to help others. I surely will! 

 

 

Thanks,

Alex



This thread was automatically locked due to age.
Parents
  • If anyone comes across the below error message in the live OSPFD logs it indicates an LSA mismatch. I hadn't realized it but I set an upstream ABR as a normal area type and it was supposed to be a stub area. I fixed it and it immediately resolved the issue with the two UTM devices not forming an adjacency (neighborship). hth

    Packet 1.1.1.1 [Hello:RECV]: my options: 0, his options 2

Reply
  • If anyone comes across the below error message in the live OSPFD logs it indicates an LSA mismatch. I hadn't realized it but I set an upstream ABR as a normal area type and it was supposed to be a stub area. I fixed it and it immediately resolved the issue with the two UTM devices not forming an adjacency (neighborship). hth

    Packet 1.1.1.1 [Hello:RECV]: my options: 0, his options 2

Children
No Data