03-02-2007 07:33 AM - edited 02-21-2020 01:25 AM
Hi,
I have ASA between 2 routers. The routers use OSPF. How to get ASA forward the ospf multicast packets in order making these routers neighbor?
thanks
03-03-2007 11:08 AM
Leo
If I understand your post correctly you have two routers with each router connected to an ASA. Unless there is something you have not explained that ought to mean that each router interface was in a different subnet. If the routers are in different subnets they can not become OSPF neighbors.
You could probably configure a GRE tunnel between the routers and they could become neighbors over the tunnel. But then they would route their data over the tunnel and that defeats the purpose of having them connected to the ASA - you might just as well remove the ASA and connect the routes directly.
Perhaps if you explain a bit more about your environment and what it is that you are trying to achieve we might find an alternative that works for you.
HTH
Rick
03-03-2007 02:46 PM
The most practical solution to this is to run
the ASA in "transparent" mode. That way, you
can still inspect the traffics and decide if
they are allow to pass through the firewall.
HTH
David
CCIE Security
03-04-2007 09:37 PM
Hi, David!
I can't use ASA in "transparent" mode, as i have
VPN configurations on it..Actually i have involved the ASA to routing process.So it is working fine. I just want to know is there any alternate solution without enabling dynamic routing on ASA and leaving it to focus on its primary job(firewalling)?...
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: