IPSec Site to Site

When working with UniFi UI, even though you click on the VPN interface for OSPF, it might actually not add it to the configuration. So if you see the device never sending hellos/communicating, it might be that the interface is omitted from the configuration

We need to figure out what the IPSec interface is, and we can find this with

ifconfig

It should be a vti## interface where we should see the IP listed for the VPN tunnel We then need to enter FRR configuration with the following command

vtysh

We should be in FRR mode, and can go to config mode

config t

Then we can go to the interface and configure it

int vti##

After we enter the interface config, we need to set it up with the point-to-point mode, and make sure the config matches our hub

ip ospf network point-to-point
ip ospf dead-interval 40
ip ospf hello-interval 10

It might be benneficial to make sure our lan interfaces are setup as passive and the router configuration is correct