Rerervse-route injection into OSPF for SSL VPN remote connections to ASA

Unanswered Question
Jan 13th, 2010
User Badges:

Hi folks,

I'm curious if there's a way to configure RRI into an OSPF process for VPN connections done via AnyConnect (SSL VPN). I thought it could be done similar to IPSec and configure it by adding "reverse-route" statement into a crypto map but it appears it won't work that way. Any ideas ?

Thanks, Eugene

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
jefferyshi Wed, 02/16/2011 - 05:47
User Badges:

Hi Eugene

You need ocnfigure IP pool for SSL, once remote user connect to ASA successful, it will automatically generate one host static route.

You may set OSPF policy to redistribute it to IGP. Once the user disconnect, the host static will disappear.

S [1/0] via "internet gateway", outside


epelser_2 Mon, 04/08/2013 - 20:18
User Badges:

Hi Jeffery

Do you know if there is a way to summarize the host routes before advertising into OSPF?




This Discussion