Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
638
Views
0
Helpful
5
Replies

Need to redistribute the VPN remote LAN segments to inside via ospf

Ramesh M
Level 1
Level 1

‎08-21-2013 06:02 AM

Hi,

We have ASA firewall(8.6 ver) at one end and other end is fortigate firewall. Behind ASA we have Local LAN segments(MPLS) and advertised via OSPF.

And we have a VPN between ASA and fortigate

Now My requirement is I want to redistribute the Remote LAN segment (Fortigate internal segment)  to the ASA internal segments(MPLS) via ospf.

Kindly suggest on the same,.

Regards / Ramesh M

Labels:
0 Helpful
5 Replies 5

Marvin Rhoads
Hall of Fame
Hall of Fame

‎08-21-2013 06:28 AM

Reverse Route Injection (RRI) should do the job for you.

Please refer to this configuration example and this related thread.

0 Helpful

Ramesh M
Level 1
Level 1
In response to Marvin Rhoads

‎08-21-2013 06:48 AM

Could you please provide the commands needs to execute on ASA

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to Ramesh M

‎08-21-2013 06:55 AM

You add "set reverse-route" in your cryptomap section as noted in the configuration example link I provided above.

If you read it carefully you will see it directly above the notation:

      !--- Command to enable RRI

0 Helpful

Ramesh M
Level 1
Level 1
In response to Marvin Rhoads

‎08-21-2013 08:56 AM

hi,

Ok but where should I point the remote LAN segment towards ospf.

Requirement is ASA wants redistribute the remote LAN segment( fortigate Local Segment) to its (ASA) internal ospf.

Ramesh M

0 Helpful

Ramesh M
Level 1
Level 1
In response to Ramesh M

‎11-06-2013 07:09 AM

Hi,

Thanks its working...

Regards/Ramesh M

0 Helpful
Customers Also Viewed These Support Documents