Dears,
The scenario is that an IPsec tunnel is already established in VPN 0, and we also have a loopback created in VPN 0 which we want to forward through the IPsec tunnel, because the NMS system will access the vEdge through this loopback. A default route pointing towards the next hop is also in VPN 0. Now I have two queries.
1- I can see the default route in the other device's routing table. How is it advertised to the other end of the IPsec tunnel even though we don't run a routing protocol?
2- I need to advertise it to the other end of loopback.
Below is the config on the vEdge:
Note: 10.12.12.0/30 are dummy IPs on both ends of the IPsec tunnel.
vpn 0
 interface ipsec1
  description MGMT-Tunnel
  ! other end 10.12.12.2/30 which are dummy
  ip address 10.12.12.1/30
  ! ge0/4 is 87.101.243.182
  tunnel-source-interface ge0/4
  tunnel-destination 37.76.50.50
  ike
   version 1
   mode aggressive
   rekey 3600
   cipher-suite aes256-cbc-sha2
   group 2
   authentication-type
    pre-shared-key
     pre-shared-secret XYZ
     local-id ABC
    !
   !
  !
  ipsec
   rekey 3600
   replay-window 64
   cipher-suite aes256-cbc-sha1
   perfect-forward-secrecy none
  !
  no shutdown
  access-list ipsec in
 !
 interface loopback5
  ip address 5.132.1.1/32
  no shutdown
 !
 ! Towards PE
 ip route 0.0.0.0/0 87.101.243.181
 ! IPsec destin
 ip route 5.132.250.250/32 37.76.254.57
!
If you have any questions, please ask. Thanks.