https://community.cisco.com/t5/network-security/firewall-ospf/m-p/1000445#M940585 <P>My firewall A will be connecte with Router A and use the OSPF.</P><P></P><P>Only firwall interface that is connected with router will use the OSPF and interface that is connected with switch will have the static routes. </P><P></P><P>I will redistrubte the static rotues into the OSPF domain via my firewall.</P><P></P><P>All internet will be use by the Firewall C. Now the problem is that I am not able to find out which interface should i put in ospf domain, If i will put outside interface in ospf domain, i have to make static and acl for all entries that are coming from OSPF domain. bcz Enterprise network will use Internet via Firewall C as mention in the diagram.</P><P></P><P>what do u think about no-nat-control and nonat solution.</P><P></P><P>Any solution regarding this will be highly helpful.</P><P></P><P> </P><P></P> Mon, 11 Mar 2019 12:20:39 GMT wasiimcisco 2019-03-11T12:20:39Z https://community.cisco.com/t5/network-security/firewall-ospf/m-p/1000445#M940585 <P>My firewall A will be connecte with Router A and use the OSPF.</P><P></P><P>Only firwall interface that is connected with router will use the OSPF and interface that is connected with switch will have the static routes. </P><P></P><P>I will redistrubte the static rotues into the OSPF domain via my firewall.</P><P></P><P>All internet will be use by the Firewall C. Now the problem is that I am not able to find out which interface should i put in ospf domain, If i will put outside interface in ospf domain, i have to make static and acl for all entries that are coming from OSPF domain. bcz Enterprise network will use Internet via Firewall C as mention in the diagram.</P><P></P><P>what do u think about no-nat-control and nonat solution.</P><P></P><P>Any solution regarding this will be highly helpful.</P><P></P><P> </P><P></P> Mon, 11 Mar 2019 12:20:39 GMT https://community.cisco.com/t5/network-security/firewall-ospf/m-p/1000445#M940585 wasiimcisco 2019-03-11T12:20:39Z https://community.cisco.com/t5/network-security/firewall-ospf/m-p/1000446#M940586 <HTML><HEAD></HEAD><BODY><P>In many instances, you need to enable routing on the Firewall to connect to devices on networks that are not directly connected. This is accomplished by manually configuring static routes or by using Open Shortest Path First (OSPF) to dynamically learn routes.redistribution of firewall routes was separated from static routes. </P><P><A class="jive-link-custom" href="http://www.cisco.com/en/US/docs/security/pix/pix63/configuration/guide/bafwcfg.html" target="_blank">http://www.cisco.com/en/US/docs/security/pix/pix63/configuration/guide/bafwcfg.html</A></P></BODY></HTML> Thu, 27 Mar 2008 16:22:27 GMT https://community.cisco.com/t5/network-security/firewall-ospf/m-p/1000446#M940586 htarra 2008-03-27T16:22:27Z