Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
899
Views
0
Helpful
1
Replies

Allowing OSPF through PIX, for dynamic Internet backup

CHAD MARSH
Level 1
Level 1

‎08-05-2002 11:53 AM - edited ‎02-20-2020 10:11 PM

I am trying to setup an external router to advertise a default route with OSPF through a PIX to an inside router using 'default-information originate' (not always), this way the internal router will switch to a floating default static route pointing to another PIX connected to a DSL router for backup if the primary routers default route goes down.

Using static (inside,outside) and static (outside,inside) [PIX6.2] I am able to get each router to think it is on the same L2 segment as the other, then changing the OSPF network type to non-broadcast and setting neighbor statements I get the two routers to form an adjacency (shows FULL), however no routing information is being populated into either routing table. I have loopbacks with /32's defined on both routers and participating in OSPF, just so I could see if any network information was being passed. I can see the advertised networks of the other router in a 'show ip ospf database', but not in the routing table. I have an access-list on the PIX permitting OSPF traffic (ip protocol 89) between the routers, and it seems that hellos and LSAs are getting through.

Any ideas? It seems very close...

0 Helpful
1 Reply 1

yusuff
Cisco Employee
Cisco Employee

‎08-05-2002 04:14 PM

You cannot do it that way. Configure a GRE tunnel between the 2 OSPF routers through the PIX. If you want added security, you may also IPSec the GRE tunnel.

Following is a sample config

http://www.cisco.com/warp/public/707/gre_ipsec_ospf.html

HTH

R/Yusuf

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card