VMware Networking Community
ashafran
Contributor
Contributor
‎05-15-2019 10:38 AM

VPN subnets advertise into BGP

Hi,

I have a VPN tunnel from my NSX Edge to a remote firewall. I need the subnets that are learned from the other end of the tunnel (remote subnets) to be redistributed into BGP but those routes aren't in the routing table so I can't redistribute them. Does anyone know how to get those routes into the routing table so that I can set this up?

0 Kudos
3 Replies
RShankar22
VMware Employee
VMware Employee
‎05-17-2019 05:53 AM

If default Gateway is configured on your EDGE's , then you wont be able to see the IPSEC auto plumbed routes in your routing table.

Under VPN configuration you have to add IP under extension.

pastedImage_0.png

0 Kudos
RShankar22
VMware Employee
VMware Employee
‎05-17-2019 06:04 AM

There are 2 workaround for this issue as below:

1. Remove the Default Gateway configuration from EDGE and add static default route and extension "securelocaltrafficbyip=0" under VPN.

2. Remove Default Gateway from EDGE and connected subnet one EDGE's as Local/Remote subnet for IPSEC VPN.

0 Kudos
RoelH
Contributor
Contributor
‎07-26-2021 11:05 AM

Hi Ashafan,

Did you manage to get this working?

Thanks in advance.

0 Kudos