OSPF & IPsec

Hi everyone,

I have followed the following tutorial DMVPN Phase 2 OSPF Routing

I would like to implement IPsec over OSPF do we have a tutorial for that?

I found this tutorial, would this work by replacing RIP with OSPF?

Any pointers much appreciated.

Hello Thomas

It really depends on what you mean. Do you want to be able to run the OSPF routing protocol over a network topology where IPSec is implemented? This can be using DMVPN, GRE, or simply using a pure IPSec VPN. But there are some additional tweaking that you must do for it to work as by default, OSPF will not function over an IPSec link. Take a look at the following post for more details:

In addition, take a look at the following lessons that include situations where OSPF is being run across links where IPSec is employed:


Yes, you could do that, because in essence, a DMVPN is a multipoint GRE tunnel, and GRE supports multicast, thus it supports OSPF. A pure IPSec tunnel such as that described in the following lesson would not function (as described in the post above.)

I hope this has been helpful!

Laz