OSPF Routing over IPsec tunnels is being weird
-
I have this setup in a lab to make sure I have all of my ducks in a row before deploying this to a client. All of the IPs are fake and in a private network not connected to the world at all!
I'm having a problem where the IPsec tunnel interfaces are getting crossed in OSPF.
In my example I have 3 pfSenses: Birmingham, Tuscaloosa, and Pelham. They all have 2 WAN connections, one is AT&T and one is Verizon. AT&T is the primary and Verizon is the secondary / failover. Birmingham is the main office so the tunnels are built back to there from Pelham and Tuscaloosa. This is outlined in the spreadsheet. Also in the spreadsheet is the cost I have preconfigured for OSPF. These will all be point to point, unless someone has a better idea, so the Router ID isn't super important but I went ahead and specified one anyways just in case things change in the future.
The problem is in the OSPF Neighbors screenshot. You will see that the addresses of two of Pelham's IPsec interfaces are associated incorrectly. I had this exact same thing happen with Tuscaloosa as well but I removed all of the interfaces in OSPF, then from pfSense, then deleted the IPsec tunnels and rebuilt them. I rebuilt them in the exact same way I had them before but after the rebuild the Neighbors chart looked correct. When this happened for Pelham as well I did the same thing but they still came back incorrectly. I didn't want to go through the same tedious process again before trying to make sure I wasn't missing something. Screenshots are taken on the Birmingham Firewall.
Any help would be appreciated! Thanks in advance!!
-
@williamredwave
I think you are hitting this bug: #15171
@mcury It seemed like a bug to me as well but this is my first time doing this kind of configuration. I felt like I was going crazy or had done something wrong. Thanks for the response.