Products
- Network Security
  - Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
  - Security ServicesComprehensive security for your network security solution
- Access Security
  - Secure Mobile AccessRemote, best-in-class, secure access
  - Wireless Access PointsEasy to manage, fast and secure Wi-FI
  - SwitchesHigh-speed network switching for business connectivity
- Cloud Security
  - Cloud App SecurityVisibility and security for Cloud Apps
  - Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
- Endpoint Security
  - Capture ClientStop advanced threats and rollback the damage caused by malware
  - Content Filtering ClientControl access to unwanted and unsecure web content
- Product Widgets
  - Product Menu Right Image
  - Capture Cloud Platform
    Capture Cloud Platform
    A security ecosystem to harnesses the power of the cloud
- Button Widgets
  - all products A–Z FREE TRIALS
Solutions
- Industries
- Use Cases
- Solutions Widgets
  - Solutions Content Widgets
    Federal
    Protect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions
  - Solutions Image Widgets
Partners
- SonicWall Partners
- Partner Resources
- Partner Widgets
  - Custom HTML : Partners Content WIdgets
    Partner Portal
    Access to deal registration, MDF, sales and marketing tools, training and more
  - Partners Image Widgets
Support
- Support
- Resources
- Support Widget
  - Custom HTML : Support Content WIdgets
    Support Portal
    Find answers to your questions by searching across our knowledgebase, community, technical documentation and video tutorials
  - Support Image Widgets
COMPANY
PROMOTIONS
MANAGED SERVICES
Contact Sales

English English en

Support on SonicWall Products, Services and Solutions

Browse Knowledgebase by Category

Capture Security Center

Management and Reporting

How to create a mesh VPN network using Tunnel Interfaces and OSPF

12/20/2019 757 12402

DESCRIPTION:

It is quite easy to implement a Hub and Spoke VPN network using both Tunnel Interface and OSPF but the transition to a mesh network can be troublesome if you want to redistribute the SonicWall’s firewalled subnets.

RESOLUTION:

If you simply use the option “Redistribute Connected Network” in your OSPF configuration, it will perfectly work in hub and spoke environment but will prevent transition to a mesh environment as a tunnel interface is considered a connected interface by the SonicWall, hence the “spoke to spoke” VPN tunnel will fail to be created as both spokes will try to contact each other via the already existing VPN tunnel to the Hub.

Enable spoke 1

Figure 1

Enabling spoke 2

Figure 2

In figure 1, you can see that a route exist to the second spoke (#6). In Figure 2, it should the equivalent on Spoke 2 (route #6).

The solution in to create a fully mesh environment is to use the OSPF “Passive” mode on the connected interface of all the mesh network’s nodes.

When OSPF passive mode is enabled on an interface, neither OSPF packets are sent nor any received on this interface. It only results in that interface’s network being advertised by OSPF to other OSPF peers as LSA 1 (Router) instead of LSA5 (External) when using “Redistribute Connected Networks”.

To Activate the Passive mode on your SonicWall’s internal networks, simply go to Network, Routing.

Then configure an internal network

Activate OSPF

Then simply choose the mode “Passive”

OSPF passive second

Capture More

Fear Less

Capture Cloud Platform

Federal

Partner Portal

Support Portal

Capture Cloud Platform

Federal

Partner Portal

Support Portal

How to create a mesh VPN network using Tunnel Interfaces and OSPF

Was This Article Helpful?

Article Helpful Form

Article Not Helpful Form

Not Finding Your Answer?

About SonicWall

Products

Solutions

Customers

Support

How to create a mesh VPN network using Tunnel Interfaces and OSPF

Categories

Was This Article Helpful?

Article Helpful Form

Article Not Helpful Form

Not Finding Your Answer?

About SonicWall

Products

Solutions

Customers

Support