A typical (and my preferred) method of ignoring routes originating from one redistribution source while accepting those same routes from another redistribution source would be to use a route-map with a distribute-list in command under the routing process. For example:
router ospf 1
distribute-list route-map foo in
route-map foo deny 10
match tag 2
route-map foo permit 10
match tag 1
This would filter any routes that have been redistributed with a tag of "2" and accept any routes that have been redistributed with a tag of "1". I have used this successfully in many scenarios but now I need to accomplish this same behavior on a PIX-515E.
The PIX is participating in OSPF and I would like for it to not use routes that have been redistributed from one source but still use those same routes that have been redistributed from another source. The issue I have run into is:
1. The PIX does not support route-maps under distribute-lists.
2. The PIX does not support "match" tag as a subcommand of route-maps.
So, does anyone have any other suggestions for accomplishing similar route filtering on a PIX-515E ?