cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
423
Views
0
Helpful
3
Replies

How to enable ASA to forward routing updates?

Leo_Stobbe
Level 1
Level 1

Hi,

I have ASA between 2 routers. The routers use OSPF. How to get ASA forward the ospf multicast packets in order making these routers neighbor?

thanks

3 Replies 3

Richard Burts
Hall of Fame
Hall of Fame

Leo

If I understand your post correctly you have two routers with each router connected to an ASA. Unless there is something you have not explained that ought to mean that each router interface was in a different subnet. If the routers are in different subnets they can not become OSPF neighbors.

You could probably configure a GRE tunnel between the routers and they could become neighbors over the tunnel. But then they would route their data over the tunnel and that defeats the purpose of having them connected to the ASA - you might just as well remove the ASA and connect the routes directly.

Perhaps if you explain a bit more about your environment and what it is that you are trying to achieve we might find an alternative that works for you.

HTH

Rick

HTH

Rick

The most practical solution to this is to run

the ASA in "transparent" mode. That way, you

can still inspect the traffics and decide if

they are allow to pass through the firewall.

HTH

David

CCIE Security

Hi, David!

I can't use ASA in "transparent" mode, as i have

VPN configurations on it..Actually i have involved the ASA to routing process.So it is working fine. I just want to know is there any alternate solution without enabling dynamic routing on ASA and leaving it to focus on its primary job(firewalling)?...

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: