cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2704
Views
5
Helpful
5
Replies

ASA does not redistribute static routes into OSPF

Ralf Kleineisel
Level 1
Level 1

We have an ASA 5555-X running 9.2(1). It is connected to an VSS-1440 running IOS 15.1(2)SY4.

They form an OSPF area, the ASA should distributes its connected and static subnets to the router via OSPF. It works fine for the subnets which are directly connected to the ASA, but not for a subnet for which the ASA has a static route.

This is the ASA OSPF config:

router ospf 1
 network 1.2.3.0 255.255.255.0 area 29
 network 10.10.0.0 255.255.248.0 area 29
[more subnets]
 area 29 stub no-summary
 log-adj-changes
 redistribute static subnets

OSPF neighbours seem correct.

Subnets which are directly connected to the ASA are fine:

asa# sh route 1.2.3.0

Routing entry for 1.2.3.0 255.255.255.0
  Known via "connected", distance 0, metric 0 (connected, via interface)
  Routing Descriptor Blocks:
  * directly connected, via vlan100
      Route metric is 0, traffic share count is 1

router#sh ip route 1.2.3.0         
Routing entry for 1.2.3.0/24
  Known via "ospf 1", distance 110, metric 20, type intra area
  Last update from 10.141.90.26 on Vlan100, 01:54:45 ago
  Routing Descriptor Blocks:
  * XXXXXXXXXX, from XXXXXXXXXX, 01:54:45 ago, via Vlan449
      Route metric is 20, traffic share count is 1

Subnets which are static to the ASA don't work:

asa# sh route 10.10.0.0   

Routing entry for 10.10.0.0 255.255.248.0
  Known via "static", distance 1, metric 0
  Redistributing via ospf 1
  Advertised by ospf 1 subnets
  Routing Descriptor Blocks:
  * 10.9.8.204, via vlan100
      Route metric is 0, traffic share count is 1

router#sh ip route 10.10.0.0
% Subnet not in table

 

Any ideas what I am missing?

 

 

 

 

 

5 Replies 5

Jon Marshall
Hall of Fame
Hall of Fame

Is the subnet in the OSPF database as an external route on your router ?

Jon

The subnet 10.10.0.0 does not show up in "show ip ospf data external" on the router.

From your OSPF configuration -

network 10.10.0.0 255.255.248.0 area 29

why have you got a network statement for a static route ?

Jon

I tried with and without it, didn't make a difference.

FABIO BETTINI
Level 1
Level 1

I suppose you also have to add a default information originate to your ASA 

Seet this article:

http://www.petenetlive.com/KB/Article/0000982 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: