> -----Original Message----- > From: [email protected] [mailto:juniper-nsp- > [email protected]] On Behalf Of Devin Kennedy > Sent: Thursday, April 21, 2011 11:33 AM > To: [email protected] > Subject: [j-nsp] Trying to get OSPF to work across IPsec for Redundancy > > Hello All: > > I'm trying to get OSPF up over IPsec. We have two IPsec tunnels, a > primary and a secondary that our spoke router can use. We want to have > the spoke router run OSPF across both and then in case of a failure of > the primary hub router (where the primary IPsec tunnel terminates) OSPF > will direct traffic over the backup tunnel to the backup hub. > > So far I have seen OSPF on the spoke router come up just a couple of > times but only to one or the other peer. It never has come up to both > peers. Here are my configurations for OSPF and the services interfaces > below. Also BGP is up on all routers and all routers are reachable via > BGP. > > If anyeone can guide me in the right direction to get OSPF working over > IPsec that would be most apprectiated!
Have you configured router-id's on all the devices? I've seen this many times where simply configuring the router-id will cause the OSPF adjacencies to form across the tunnels. 'set routing-options router-id x.x.x.x' should do the trick. If that doesn't work, give us the output from 'show ospf interfaces' on all the devices. Stefan Fouant, CISSP, JNCIEx2 www.shortestpathfirst.net GPG Key ID: 0xB4C956EC _______________________________________________ juniper-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/juniper-nsp
