Am 01.01.2019 um 13:00 schrieb John Antypas:
Exactly what we had to do. We ended up creating a VTI interface. Once we have the direct interface BGP found direct next tops and was a lot happier
Sent from my iPad
On Jan 1, 2019, at 12:15 AM, Muenz, Michael <m.muenz@spam-fetish.org> wrote:
Am 31.12.2018 um 15:38 schrieb John Antypas: I had not done anything special with the ipsec tunnel, so it probably isn't., WE had assumed since traffic was passed, all was well. We were seeing the BGP updates. We could set up a GRE tunnel between the two sites or GIF (which one would you recommend?) We had thought of that because our first attempt was to use OSPF which didn't traverse the IPSEC link. The enc interface in FreeBSD is not a routed device so you have to create a tunnel interface (GRE preferred) or use route-based IPSEC.
Michael
FYI