Dynamic Routing over IPSec VPN

Question

I am planning on switching from static routes for site to site VPNs to dynamic routing to make network more optimized with growing company.  Was wondering if any other else has used dynamic routing for VPN tunnels and what they used.  We are looking to use OSPF since this is just a hub and spoke setup.  When we looked at BGP it was more complicated and had some limitations on the number of supported neighbors (1000) according to the advanced routing handbook.  I through around the idea of using BGP neighbor groups to see if that would help with this limitation also.  We have over 700 remote offices needing to connect to two active data centers.  There will be a primary and backup VPN tunnel using WAN1 and another tunnel using the usb-interface.  Would all the remote offices be able to be in one area and if so what is the limitation on the number of devices in an area?

rwpatterson · Answer

I have successfully used OSPF over IPSec tunnels, though I had under a dozen. I can't see why more wouldn't work. As far as limits to the numbers, you may need to consult Fortinet on this one, or if anyone out here has used this process themselves.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded