07-15-2010 10:28 AM - edited 03-11-2019 11:12 AM
Hi,
Could someone guide me how can I filter the OSPF routes in cisco ASA inside interface. I want only my private network be part of OSPF configured on ASA. But I am getting other routes too from external networks. Pls. suggest.
Thanks,
Solved! Go to Solution.
07-15-2010 02:58 PM
Hello,
Unfortunately, there does not seem to be an option on the firewall to filter routes. So, you might want to do it on the inside router itself. You can use "distribute-list
You need to make sure that this configuration does not affect any of your other devices.
Hope this helps.
Regards,
NT
07-15-2010 02:58 PM
Hello,
Unfortunately, there does not seem to be an option on the firewall to filter routes. So, you might want to do it on the inside router itself. You can use "distribute-list
You need to make sure that this configuration does not affect any of your other devices.
Hope this helps.
Regards,
NT
07-16-2010 02:06 AM
Hi NT,
Those are Type-5 AS External Link States and I tried distribute-list out
I am attching the topology too. I want few routes of Type-5 LSA's to stop to coming on R3 as well as FW. After applying distribut-list in, those routes are not there in sh ip route. But in sh ip ospf database, i can see those routes.
Pls. suggest how this can be possible.
Thanks,
07-18-2010 12:15 AM
i would suggest posting this query in routing community
because i had a similar issue and i was told by few routing experts in my org that OSPF architecture is such that we cannot block incoming routes from being sent accross firewall
what i mean is we cannot filter ospf updates like we do eigrp, the only way to stop updates coming from a different network is by stopping them at source
but as i said again i am not a routing expert, so i would suggest that this query be opened in routing community
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: