Hello guys,
I have OSPF/GRE on top of 2 IPsec tunnels connecting to 2 remote locations. Everything is working perfectly on this.
Now I set up an IPsec roadwarrior connection using mode-cfg and template policies to one of the locations.
I want the roadwarrior to access all the locations, so I created policies to all 2 locations and the client is negotiating the child SAs.
When I ping, I can see the packets flowing to all 2 locations, but there’s no reply, of course, because of the routes.
If I add a static route 192.168.77.0/24 via GRE, it works.
If I add a network 192.168.77.0/24 to the OSPF configuration, there’s no interface associated (as this is an IPsec pool) and no LSA, so the neighbors don’t know anything about it.
How is it possible to make OSPF advertise the IPsec policy IP?