Hi,

Continuing from where we left off from the previous post,

https://r2079.wordpress.com/2015/09/20/hub-and-spoke-vpn-implementation-srx/

Requirement is to first run OSPF among the hub and spoke routers and once loopbacks are exchanged over OSPF, bgp over loopback  should be formed.

Policies are very-important more than anything else for this requirement, you exactly have to know in which zone policy needs to be allowed.

topology

Configuring OSPF and verifying it

1_ospf_config 2_ospf_check 3_ospf_ping_test

Once Loopback Reachability is established, time to form BGP

4_bgp_config

Looking at policies and protocols allowed for zone

5_zone_policy_config

As we can see, protocol configuration is straight forward, but you have to know what to allow where in order for this to happen.

Regards

Rakesh M

Advertisements