Advertise OpenVPN client/server routes to RIP/OSPF/BGP
-
Evnin'
Is there a possibility to advertise automatically OpenVPN routes (client/server) to the routing daemons?
I run OpenVPN as a server for the company network but also as client….but all I see with an attached Cisco with RIPv2 is the /32 endpoint from the OpenVPN client...
-
Okay…with OSPF I see now the VPN and local routes advertised to the neighboring Cisco router....
Also in OSPF I see the routes coming from the Cisco router...but those are not reachable from within pfSense shell...and not installed...
-
Also with JunOS no luck…
I see the entry locally on the QuaggaOSPFd status page:
O> 172.16.255.2/32 [110/10] via 10.0.2.11, igb0, 00:00:06
But of course not pingable from the pfSense shell.
-
The system didn't liked both RIPv2 and QuaggaOSPFd to be running…even disabling did not help...had to remove RIPv2 package completely...
Not the OSPF routes make it to the FIB and I can ping the JunOS box loopback coming into pfSense via OSPF (o;
-
Okay…not solved....
Quagga OSPFd correctly installs OSPF routes into the FIB....but:
it does not deinstall them when the advertising router has gone!!!
-
Hello,
Did you get that to work?
I'm also trying to advertise OpenVPN client static routes via BGP (FRR) but until now without success
pfSense doesn't create a /32 route (client) in its routing table.
My aim is:
- connect the road warrior to pfSense (WAN) using SSL/TLS + User Auth (LDAPS) mode (ok, working)
- advertise the static IP (10.10.10.22) assigned to the road warrior to PE2 (BGP neighbor) (not working)
In my scenario:
- PE2 has a BGP session established to pfSense
- PE3 (10.200.200.50) has ACL control allowing the network 10.10.10.0/24 to get SSH access
Thanks
