Add ability to filter OSPF (PEPVPN) routes


#1

We have a large and growing network - two data centers with B710s. 120 remote peers, each with PEPVPN to one or both data centers. MOstly MAX-BR1
In some cases there are sets of remote units that also have conections to each other.
Example is a chain of medical clinics - 5 locations. Central location has a Balance 380. other 4 are BR1s.
Each units has a speedfusion vpn to one of our data centers (for their phones), plus a speedfusion to the B380 (for their internal network), plus several IPSEC VPN connections to various other vendors (X-Ray processing etc).

The issue we are trying to work around is that the IPSEC VPN routes cna some of the local subnets need to be advertised to the other units in their network, but NOT to the B710s.

When we used to deploy Sonicwall we would use “route filtering” on the advanced OSPF settings on the central/hub unit to filter out route updates we did NOT want to process.
We would like to see this feature added to peplink speedfusion. You can almost accomplish this by controlling route advertising at the remote units, but that is all or nothing - you cannot say "advertise this route to speedfusion link B, but not to A. Filtering allows both finer control AND allows us to avoid issues with people making mistakes with remote units. i.e. I would always filter out 192.168.1.0/24 and 192.168.50.0/24 at the central unit.


#2

This feature was put into the roadmap. Engineering team will look into this.

Thanks for your feature request!


#3

+1
This makes sense
Cheers
Dana


#4

I’d also like to add that I’d like to see this feature.