OSPF issue on ASA

Unanswered Question
Sep 24th, 2008

First off, I don't have the config and won't have the config until I get home tonight, but I'm throwing this out there for anyone that may have seen this in the past.

I have a 871W router connected to my ISP's cable modem. I have an ASA 5505 connected to the 871W, and all of my hosts are behind it. I've configured OSPF on the 871W in area 0 and I've configured the ASA in area 0 also. NAT'ing is turned off on the ASA.

I've got another 871 router that hangs off of the 871W, and it's running OSPF also.




router ospf 100

network area 0

network area 0



public int - dhcp

private int -

vlan -

router ospf 100

network area 0

network area 0




no global statement

nat (inside) 0

router ospf 100

network area 0

access-list TEST permit ip any

access-list TEST permit ospf any

access-group TEST in inter outside

I don't get any of the routes on the ASA for the network at all, and there are no routes other than my connected routes on the ASA. I don't get hits on any of the lines in my access list either.

On the other two routers, there is an OSPF adjacency with no problems, and they show all of the correct routes.

I've done a debug ospf adj on the ASA, and I get nothing.

I know this isn't the optimal way for me to throw this question out there, but I figured I'd give it a shot. This is a home lab which is why I can't get to it until tonight.



I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Calin Chiorean Mon, 09/29/2008 - 01:23


On the 871W can you do a "sh ip ospf interface FaX" where FaX is your private int - and paste the output here. Also "sh ip ospf neigh" would be useful to have it here.

The same commands also on ASA on the appropriate interface and without the "ip" word in the command.




Marwan ALshawi Mon, 09/29/2008 - 02:12

there is important thing to note that

Unlike the Cisco IOS routers, the Cisco ASA network command does not use an inverse mask

in ur conifg u use wildcard on ASA change it to :

router ospf 100

network area 0

network area 0

try it and let me know

if helpful Rate


This Discussion