Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
403
Views
0
Helpful
7
Replies

OSPF routing question

Go to solution
john.wright
Level 3
Level 3

‎03-23-2009 08:34 AM - edited ‎03-04-2019 04:03 AM

We are moving from an all static route environment to OSPF. Currently we tell each remote router that the route for outside VPN is found on our ASA at each site. ip route x.x.x.x 255.255.255.0 10.x.x.x

How do I code the same thing in router using OSPF so that all the other routers know where that VPN tunnel is to outside world on our ASA?

Thanks for help

Labels:
Preview file
187 KB
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Giuseppe Larosa
Hall of Fame
Hall of Fame
In response to Joseph W. Doherty

‎03-23-2009 10:00 AM

Hello Joseph,

ASA supports OSPF (this can be version dependent)

http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/ip.html

By the way your suggestions are reasonable

Hope to help

Giuseppe

View solution in original post

0 Helpful

Go to solution
Joseph W. Doherty
Hall of Fame
Hall of Fame
In response to john.wright

‎03-23-2009 12:52 PM

If the ASA supports running OSPF, it might be as simple as "covering" the interfaces of interest with a OSPF network statement within the OSPF config (much as you would do on a router).

(I haven't worked with an ASA, but glancing at the reference Giuseppe provided, it might be as simple as I just described. [If not, someone please correct.])

View solution in original post

0 Helpful
7 Replies 7

Go to solution
lamav
Level 8
Level 8

‎03-23-2009 08:54 AM

Jon:

This question really speaks to what you are doing on your network in general.

What is the topology? Hub and spoke?

What are the remote users trying to access, the corporate network or the Internet?

How are you planning on implementing OSPF?

0 Helpful

Go to solution
john.wright
Level 3
Level 3
In response to lamav

‎03-23-2009 10:04 AM

We are a router on a stick right now. But the attachment that I provided shows how we want it to look in the future. Router A (our router) will connect to Router B (the co-located vendor router).

Every site has that same topology. The VPN is for people to access the corporate network.

How will we implement OSPF? Good question. As you can see our router connectivity is very simple. There will be one connection to the LAN and one connection to the vendor router.

Anything fancy that we will need to do via OSPF the vendor will dictate. I just need to understand how to advertise the VPN tunnel to the rest of the network.

0 Helpful

Go to solution
Joseph W. Doherty
Hall of Fame
Hall of Fame

‎03-23-2009 09:46 AM

Assuming the ASA can't run OSPF, on any OSPF router that's connected to it, you might use a static route (probably much as you do now) that you also redistribute into OSFP. Other OSPF routers will then see the route information within OSPF.

Another method might be to configure a GRE tunnel through the ASA and run OSPF on the tunnel interface. Then both sides of the tunnel can know all the routes on the other side of the tunnel.

0 Helpful

Go to solution
Giuseppe Larosa
Hall of Fame
Hall of Fame
In response to Joseph W. Doherty

‎03-23-2009 10:00 AM

Hello Joseph,

ASA supports OSPF (this can be version dependent)

http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/ip.html

By the way your suggestions are reasonable

Hope to help

Giuseppe

0 Helpful

Go to solution
john.wright
Level 3
Level 3
In response to Joseph W. Doherty

‎03-23-2009 10:46 AM

Joseph

Thanks for the response. If I understand you correctly I need to code the following on the ASA:

router ospf 1

and then the redistribute parameter?

I am looking at the link that Giuseppe

sent and that seems to be what is needed?

0 Helpful

Go to solution
Joseph W. Doherty
Hall of Fame
Hall of Fame
In response to john.wright

‎03-23-2009 12:52 PM

If the ASA supports running OSPF, it might be as simple as "covering" the interfaces of interest with a OSPF network statement within the OSPF config (much as you would do on a router).

(I haven't worked with an ASA, but glancing at the reference Giuseppe provided, it might be as simple as I just described. [If not, someone please correct.])

0 Helpful

Go to solution
john.wright
Level 3
Level 3
In response to Joseph W. Doherty

‎03-24-2009 10:57 AM

Thanks for the help from all of you. It was just a matter, as you indicated, of adding a few OSPF statements to the ASA.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card