
export IPSEC routes to OSPF

Hi,

I have a main site with a Sophos XG, a branch site with a Sophos XG, and another branch site with a Fortigate.

There is a pair of RED tunnels between the two sites with Sophos XGs (main site has 2 WAN connections), using OSPF to manage routes and provide connectivity even if one of the WAN connections goes down.

There is an IPSEC tunnel between the main site XG and the Fortigate (obviously Fortigates don't support RED).

OSPF on the main site doesn't export the IPSEC routes so the two branch sites can't talk to each other. I could manually add routes and manually update in the event of a WAN link failure but I'd rather set it up properly and not have to micromanage it.

How can I get OSPF to export the IPSEC routes? I can see them in the routing table (against interface ipsec0) but not in the OSPF database.

I can't make a tunnel between the branch XG and the branch Fortigate because both have dynamic IP addresses. The only traffic going through the tunnel will be a small amount of printer management traffic (SNMP) so the "spokes" having to traverse the "hub" to talk to each other isn't an issue.

Thanks

James


