Here there are two sites. R1 is the 'core' site and R2 is a 'branch office'. R1 has lots of firewall rules implemented as zone policy rules. The problem is that all traffic from the VPN looks the same from the point of view of a zone-based firewall. What I want is to be able to write zone-based firewall rules on R1 that treat the remote networks similarly to local networks.
So far I have had a poke around, and while this could be achieved using policy-based static routing, I would like it if these two sites could exchange route tables with BGP or OSPF. The main reason for that is that both sides have a dynamic IPv6 prefix, so every few days all the v6 addresses change.
Is this kind of config even possible? Can I convince BGP/OSPF to populate non-kernel routing tables? Is the whole idea stupid and should I be using something based on MPLS/VPLS instead?