Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

PIX, OSPF routing choices.


We have two main sites with a PIX515 in each site. Both Inside interfaces are on the backbone OSPF area (0) & the Outside Interfaces are in different OSPF areas (51 & 53). The two sites are connected together by our internal network on the Inside interfaces. We have a sattelite site which connects to both sites on the outside interfaces & the route to this site originates as a RIP2 route & is imported into OSPF & distributed to the PIX's on the outside Interface & redistributed to the Inside Interface.

The problem we are hitting is that both or one of the PIX's will sometimes decide the route to the

sattelite site is over the internal network to the other PIX & then to the sattelite site (With a cost of 353) rather than straight over the Outside network (cost 30).

In debug you can see the correct Type 5 LSA comes in & be used (cost 30). Then the LSA type 5 comes in straight afterwards on the inside interface as the update goes around the internal network (from the other firewall) & is used as the preferred route (cost 353).

Do PIX's prioritise routing updates from inside networks? Anyone have any ideas why it would behave this way?

Thanks, John.


Re: PIX, OSPF routing choices.

The OSPF route preference is in the following order: O, O IA, OE1, OE2. My understanding is that when an inter area route is learned from two neighbors, OSPF tries to take the shortest path out to the backbone and it is this behaviour that might be causing the behaviour that you area seeing.

New Member

Re: PIX, OSPF routing choices.


Does anyone know where I could get the information describe above by drolemc. This information is important for us.