Messages - buckeyedave

#1
22.7 Legacy Series / BGP over IPSEC connection resets
October 17, 2022, 04:43:29 PM
I have 2 IPSEC site-to-site connections that I am attempting to configure for BGP. They are using different ISPs. The tunnels get established, as do the BGP sessions. But after 2 minutes and 20 seconds, the connections drop, and only 1 will re-establish the connection. A packet capture on the interface indicates it is receiving a connection reset from the other end. Why would this occur after the initial connection is made and BGP is sending messages back and forth?

Visual of packet capture attached.
#2
22.1 Legacy Series / Re: BGP over IPSEC using FRR
October 03, 2022, 01:52:02 PM
That is the interesting part. If I port probe from either OPN to the other end of the tunnel on TCP/179, I can see the TCP 3-way handshake complete and the next packet is a BGP Open message; however, if I start a packet capture on the IPSec interface and then blip the BGP service, no packets are captured at all.
#3
22.1 Legacy Series / Re: BGP over IPSEC using FRR
September 30, 2022, 09:07:46 PM
Yes, it is a route-based IPSec tunnel.
#4
22.1 Legacy Series / BGP over IPSEC using FRR
September 30, 2022, 08:24:04 PM
I have an OPNsense fwl running 22.7.2 and FRR. I have configured an IPsec tunnel and have the security association established between the two ends. I can ping either end of the tunnel from the other. I also have a rule to allow all traffic across the IPSec interface. When I do a port probe for TCP/179 from the OPNsense device on each end and capture the packets, I see the TCP handshake established, and then a BGP Open message. However, when I try to configure the neighbor using the tunnel address, the BGP log only shows an active state, and a packet capture for the IPSec interface does not show any packets.

When I enter the show bgp nexthop command, this is the output:
Current BGP nexthop cache:
10.2.0.240 invalid, #paths 0, peer 10.2.0.240

  Must be Connected

10.2.0.240 is the other end of the IPSec tunnel.

Any help would be very much appreciated.