Cisco 1140 asa image OSPF connectivity

JamesSimpson34554 · ‎06-23-2022

Hi All

Im trying to establish a basic connection between an 1140 Firepower (with ASA image) and a 9300.

Simple point to point /30 with Ospf 1 process,

Is there some additional work that needs to be done when using a FP device rather than the traditional ASA. ?

My next thought would be a bug

Many thanks

MHM Cisco World · ‎06-23-2022

I don't get where is issue ? can you more elaborate.

JamesSimpson34554 · ‎06-23-2022

Sorry I cannot establish and OSPF adjacency

MHM Cisco World · ‎06-23-2022

I think that there is ACL drop the OSPF Hello/Update message.
you need to allow OSPF.

Rob Ingram · ‎06-23-2022

@JamesSimpson34554 can you provide the configuration of your OSPF on the ASA and 9300?

A normal ACL is for traffic "through" the ASA, not "to" the ASA itself. I read the original question as establishing OSPF adjacency between the ASA and the 9300 switch. Only a control-plane ACL on the ASA would restrict OSPF being established with the ASA - if you don't have one configured, that isn't the issue.

Turn on OSPF debugs on both devices, confirm OSPF hellos sent and received - or not.

MHM Cisco World · ‎06-23-2022

it is easy to check the 9300 ospf
can you share
show ip ospf neighbor