Operational Defect Database
BugZero found this defect 3614 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
WatchGuard Technologies | kA10H000000g3fCSAQ
OSPF for VPN with Virtual Interface may fail with PPPoE or other low-MTU connections
Last update date:
6/27/2014
Affected products:
Firebox M200
Firebox M300
Firebox M270
Firebox M370
Firebox M470
Firebox M570
Firebox M670
Firebox M290
Firebox M390
Firebox M400
Firebox M500
Firebox M440
Affected releases:
All
Fireware
11.x
11.1.x
11.10.x
11.10
11.10.1
11.10.2
11.10.3
11.10.4
11.10.5
11.10.6
Fixed releases:
All
Description:
Issue
When you configure Dynamic Routing with OSPF for a Branch Office VPN virtual interface, OSPF may fail to learn routes if one of the VPN endpoints uses PPPoE or another Internet connection with an MTU setting lower than 1500.
Workaround/Solution
You can avoid this issue if you add these two lines to the OSPF configuration on each Firebox or XTM device:interface bvpnX [replace X with the virtual interface number]ip ospf mtu-ignore
