Description:
In the interests of load distribution and redundancy, the headquarters can operate several VPN gateways to be used by the branches to establish a VPN connection. A routing protocol like RIP (Routing Information Protocol) is used to synchronize the routing entries between the VPN gateways.
As of LCOS 10.40, RIP is no longer able to select the routes used for simplified certificate dial-in from the routing table. For this scenario, an alternative routing protocol named OSPF (Open Shortest Path First) has to be used instead.
This article describes how to change from RIP to OSPF.
Requirements:
Scenario:
Procedure:
The following steps need to be carried out on all of the VPN gateways at the headquarters. No configuration changes are required on the VPN routers at the branches! |
1) Open the configuration of the VPN gateway at the headquarters and switch to the menu item Routing protocols → RIP → RIP networks).
2) Mark the RIP network being used (in this example the network INTRANET) and click on Edit.
3) Set the RIP type to Off to disable RIP for this network.
4) Switch to the menu Routing protocols → OSPF and set a checkmark for Open Shortest Path First (OSPF) enabled.
5) Go to the menu OSPF instance.
6) Select the entry DEFAULT and click on Edit.
7) Make sure that the entry Activate OSPF instance is checked and, under Router ID, enter the IP address of the router on the network used to propagate routes via OSPF.
8) Go to the menu OSPF instances.
9) Modify the following parameters:
10) Go to the menu Connected.
11) Modify the following parameters:
12) This concludes the changes on the first VPN gateway. Write the configuration back to the router.
13) Repeat these steps for the second VPN gateway.