06-23-2022 06:22 AM
Hi All
Im trying to establish a basic connection between an 1140 Firepower (with ASA image) and a 9300.
Simple point to point /30 with Ospf 1 process,
Is there some additional work that needs to be done when using a FP device rather than the traditional ASA. ?
My next thought would be a bug
Many thanks
06-23-2022 06:26 AM
I don't get where is issue ? can you more elaborate.
06-23-2022 06:28 AM
Sorry I cannot establish and OSPF adjacency
06-23-2022 06:57 AM
I think that there is ACL drop the OSPF Hello/Update message.
you need to allow OSPF.
06-23-2022 07:04 AM
@JamesSimpson34554 can you provide the configuration of your OSPF on the ASA and 9300?
A normal ACL is for traffic "through" the ASA, not "to" the ASA itself. I read the original question as establishing OSPF adjacency between the ASA and the 9300 switch. Only a control-plane ACL on the ASA would restrict OSPF being established with the ASA - if you don't have one configured, that isn't the issue.
Turn on OSPF debugs on both devices, confirm OSPF hellos sent and received - or not.
06-23-2022 07:13 AM - edited 06-23-2022 07:21 AM
it is easy to check the 9300 ospf
can you share
show ip ospf neighbor
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide