Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

How to enable ASA to forward routing updates?

Hi,

I have ASA between 2 routers. The routers use OSPF. How to get ASA forward the ospf multicast packets in order making these routers neighbor?

thanks

3 REPLIES
Hall of Fame Super Silver

Re: How to enable ASA to forward routing updates?

Leo

If I understand your post correctly you have two routers with each router connected to an ASA. Unless there is something you have not explained that ought to mean that each router interface was in a different subnet. If the routers are in different subnets they can not become OSPF neighbors.

You could probably configure a GRE tunnel between the routers and they could become neighbors over the tunnel. But then they would route their data over the tunnel and that defeats the purpose of having them connected to the ASA - you might just as well remove the ASA and connect the routes directly.

Perhaps if you explain a bit more about your environment and what it is that you are trying to achieve we might find an alternative that works for you.

HTH

Rick

New Member

Re: How to enable ASA to forward routing updates?

The most practical solution to this is to run

the ASA in "transparent" mode. That way, you

can still inspect the traffics and decide if

they are allow to pass through the firewall.

HTH

David

CCIE Security

New Member

Re: How to enable ASA to forward routing updates?

Hi, David!

I can't use ASA in "transparent" mode, as i have

VPN configurations on it..Actually i have involved the ASA to routing process.So it is working fine. I just want to know is there any alternate solution without enabling dynamic routing on ASA and leaving it to focus on its primary job(firewalling)?...

228
Views
0
Helpful
3
Replies
CreatePlease login to create content