Re: Cisco FTD and OSPF

duyennv10 · ‎01-24-2019

Please see my attach file (router1-FTD-router2), all devices in area 0.

Does I need policy to permit ospf like these to permit ospf protocol go through FTD?

- source: 10.0.1.0/24 destination: 192.168.1.0/24 service/application: OSPF

- source: 192.168.1.0/24destination: 10.0.1.0/24 service/application: OSPF

Thank you!

Dennis Mink · ‎01-24-2019

Are you attempting to establish an OSPF neighbour ship between the two routers, though the firewall and the firewall not being part of your ospf process?

the FTD would need to allow protocol 89 (OSPF) between interfaces.

Please remember to rate useful posts, by clicking on the stars below.

duyennv10 · ‎01-26-2019

Dear Dennis,
I want to establish OSPF neighbour between FTD with R1 and R2
Thanks

Marius Gunnerud · ‎01-28-2019

If the FTD is going to be a part of the OSPF process then you only need access rules that allow regular data traffic. No extra rules needed if the FTD is going to establish OSPF neighbor with the routers.

--
Please remember to select a correct answer and rate helpful posts

Sheraz.Salim · ‎01-24-2019

I assume the FTD in transparent mode and R1 is as internal network and R2 is external network. if not change it according to your design. your rule would be like this. in below example outside = external network and BIG_BOX = internal network

Multicast address of ospf are 225.0.0.5,224.0.0.6

please do not forget to rate.