I have a redundant ASA setup using 2 OSPF processors, one for the external core network and one for the internal core network.
Normally I have public IP's from the external OSPF being inserted into the routing table on the ASA, and private IP's comming from the internal OSPF. I'm not redistributing routes between the OSPF's.
Until now there has been no need for filtering what goes into the routing table from each OSPF.
Now there is a need though, as I have routes in the internal OSPF which conflict with routes injected from the external OSPF, so I need to filter out the conflicting routes on the ASA firewall to keep it from inserting them into the routing table.
The ASA 7.2 seem to have this feature, if using RIP!! (distribute-list in)
Is there any way of doing this when I'm using OSPF.
The conflicting routes are needed in the internal OSPF by other network equipment to pinout traffic destined for a specific network and send it to an alternative gateway handling the outbound traffic to the network.
I Hope someone has the time to point me in the right direction :) Thanks in advance .. any help will be appreciated :)
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...