Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
OSPF through OpenVPN
« previous
next »
Print
Pages: [
1
]
Author
Topic: OSPF through OpenVPN (Read 6456 times)
vrod
Newbie
Posts: 5
Karma: 0
OSPF through OpenVPN
«
on:
April 11, 2018, 12:51:21 pm »
Hello everyone,
I'm a fresh user of OPNSense. For the longest time I've been running pfsense as a virtual machine but I wanted to separate the firewall from the virtual infrastructure... In that case I have been looking at OPNSense to replace pfsense for multiple reasons (pfsense now more commercial, more features with OPNSense, etc.) and I have currently set up my hardware appliance (IBM x3650 M3).
I need to connect 3 offices and in pfsense I've been using Quagga OSPF to do the routing. Now, most of you here are aware of the fact that the GUI doesn't allow you to add the ovpns interfaces to the OSPF instance (is there any plans to make this possible soon?). I have seen that people have circumvented this by adding the interfaces directly to the OSPF config itself but where is this located? OSPF is a must for me and I would really like to use OPNSense together with it.
I hope someone here could help out, that would be great.
Regards,
Chris
Logged
fabian
Hero Member
Posts: 2769
Karma: 200
OPNsense Contributor (Language, VPN, Proxy, etc.)
Re: OSPF through OpenVPN
«
Reply #1 on:
April 11, 2018, 01:08:13 pm »
You can find the configuration file here:
OSPFv2 (IPv4):
https://github.com/opnsense/plugins/blob/master/net/frr/src/opnsense/service/templates/OPNsense/Quagga/ospfd.conf
OSPFv3 (IPv6):
https://github.com/opnsense/plugins/blob/master/net/frr/src/opnsense/service/templates/OPNsense/Quagga/ospf6d.conf
The src directory in git is the /usr/local directory on the device. Please note that this will will be reset when the plugin gets an update.
Logged
vrod
Newbie
Posts: 5
Karma: 0
Re: OSPF through OpenVPN
«
Reply #2 on:
April 11, 2018, 01:30:33 pm »
Greetings and thanks for the fast reply! I replaced the contents in ospfd.conf but still can't see the option to add the ovpns interfaces. Still get the same ones. Do I need to do something specific for it to work?
Logged
fabian
Hero Member
Posts: 2769
Karma: 200
OPNsense Contributor (Language, VPN, Proxy, etc.)
Re: OSPF through OpenVPN
«
Reply #3 on:
April 11, 2018, 01:37:55 pm »
No, the problem comes from core and affects all plugins. The "InterfaceField" does not return the VPN-Interfaces separately which is the reason why the plugin does not allow you to configure the OpenVPN interfaces correctly. That is the reason why the only way to configure that is by manipulating the template or temporary using vtysh.
Logged
vrod
Newbie
Posts: 5
Karma: 0
Re: OSPF through OpenVPN
«
Reply #4 on:
April 11, 2018, 01:46:40 pm »
OK sorry for my stupidity but I am a little confused then.
So, this means there's no way to do it? Will I have to amend the configuration file itself (where you have networks and interfaces configured)?
Logged
fabian
Hero Member
Posts: 2769
Karma: 200
OPNsense Contributor (Language, VPN, Proxy, etc.)
Re: OSPF through OpenVPN
«
Reply #5 on:
April 11, 2018, 02:02:36 pm »
Yes, you have to modify the configuration file by yourself (even better would be the template I linked above).
Logged
vrod
Newbie
Posts: 5
Karma: 0
Re: OSPF through OpenVPN
«
Reply #6 on:
April 13, 2018, 04:23:00 pm »
Hello,
I've been a bit busy so I have just gotten the time now to try this out.
I am still not exactly sure what you mean, but I applied the config that you linked to, to the folder on the opnsense firewall. I then went into /usr/local/etc/frr/ospfd.conf and added "interface ovpns1" and "interface ovpns2".
Saved file and then went to webui to reload the service. Now the interface statements has been removed. Am I not supposed to reload the service through the webui?
Logged
fabian
Hero Member
Posts: 2769
Karma: 200
OPNsense Contributor (Language, VPN, Proxy, etc.)
Re: OSPF through OpenVPN
«
Reply #7 on:
April 13, 2018, 04:46:54 pm »
You have to edit the template. This file is the real file used by the service which will be overwritten via configd every time you change something in the GUI or at events like booting or upgrading. The template is the one I mentioned earlier.
Logged
vrod
Newbie
Posts: 5
Karma: 0
Re: OSPF through OpenVPN
«
Reply #8 on:
April 13, 2018, 04:53:07 pm »
Aha! I have figured it out now.
The "real" ospfd.conf gets generated from the template that you linked to me... so I threw in interface ovpns1/2 in the template before router ospf and it's there now. Awesome, thank you!
Logged
favy
Newbie
Posts: 1
Karma: 0
Re: OSPF through OpenVPN
«
Reply #9 on:
August 13, 2019, 12:18:27 pm »
Hello, sorry for bringing up this thread but I have the same problem in 19.7. If I understand correctly, Fabian says to copy-paste the code at
https://github.com/opnsense/plugins/blob/master/net/frr/src/opnsense/service/templates/OPNsense/Quagga/ospfd.conf
to /usr/local/opnsense/service/templates/OPNsense/Quagga/ospfd.conf
The problem I have is that the code linked in github is already what I have on my machine so I'm not sure what I should do.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
OSPF through OpenVPN