I have 2 PIX515's located in different buildings, with different IP address (they are not part of a failover pair). Currently they are configured with static routes only and take part in no routing updates. We are migrating VPN sites so they connect to PIXB rather than PIXA and this is involving a lot of static route changes.
I want to make the PIX's part of our OSPF. Is it possible that I can configure this, so if a tunnel comes up on PIXB it will advertise the route to the external VPN network from PIXB and stop advertising it from PIXA (because the tunnel is no longer active here). I am only interested in advertising this through the inside interface of the PIX - the VPN site itself wll stay configured with a single default route.
Is it just a case of enabling an OPSF process and including the network 172.20.x.x (which is what all my VPN sites are numbered - 17.20.1.x, 172.20.2.x etc.) ?
I am not sure of the signifance of all of the OPSF options I am seeing in PDM.
The equipment at the remote and is not CISCO and it will not run OSPF.
I was hoping that the PIX would advertise the route because the tunnel comes up (and it knows the subnet at the remote end, from the tunnel policy) rather than it propogating an OSPF update from the equipment at the remote end.
Ie. PIX says, tunnel just come up, tunnel is to 172.20.99.x subnet, start advertising route via OSPF. Without it recieving any routing update for that subnet itself.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :