This chapter shows an example of OSPF routing conducted over an IPsec tunnel between two FortiGate units. The network shown in
Figure 283 is a single OSPF area. FortiGate_1 is an Area border router that advertises a static route to 10.22.10.0/24 in OSPF. FortiGate_2 advertises its local LAN as an OSPF internal route.
The section
“OSPF over IPsec configuration” describes the configuration with only one IPsec VPN tunnel, tunnel_wan1. Then, the section
“Creating a redundant configuration” describes how you can add a second tunnel to provide a redundant backup path. This is shown in
Figure 283 as VPN tunnel “tunnel_wan2”.
Only the parts of the configuration concerned with creating the IPsec tunnel and integrating it into the OSPF network are described. It is assumed that security policies are already in place to allow traffic to flow between the interfaces on each FortiGate unit.