I am planning on switching from static routes for site to site VPNs to dynamic routing to make network more optimized with growing company. Was wondering if any other else has used dynamic routing for VPN tunnels and what they used. We are looking to use OSPF since this is just a hub and spoke setup. When we looked at BGP it was more complicated and had some limitations on the number of supported neighbors (1000) according to the advanced routing handbook. I through around the idea of using BGP neighbor groups to see if that would help with this limitation also. We have over 700 remote offices needing to connect to two active data centers. There will be a primary and backup VPN tunnel using WAN1 and another tunnel using the usb-interface. Would all the remote offices be able to be in one area and if so what is the limitation on the number of devices in an area?
I have successfully used OSPF over IPSec tunnels, though I had under a dozen. I can't see why more wouldn't work. As far as limits to the numbers, you may need to consult Fortinet on this one, or if anyone out here has used this process themselves.
Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.