Solved: Re: OSPF E2 Default route in FTD - Page 2

great.mathmatician11 · ‎11-25-2023

Hi,

I have a question if someone can help me with that please, I have FTD configured in Active standby and managed by FMC. These FTDs are going in to an upstream nexus switch. I am using RFC1918 addresses between the outside interface of FTD and SVI on the switch. I have run OSPF between the SVI and the outside interface which is working, the neighbourship comes up, switch and FTD are learning the OSPF routes from each other, but the problem is i have issued a command default information originate always on nexus and FTD is not taking a default route in its routing table. In principle it should work but is there any limitation on the FTD?

Your help on this would be highly appreciated.

great.mathmatician11 · ‎11-26-2023

Hi,

just checked didnt work, i changed the topology just to check something, i added default information originate on new router and delete it from nexus just to check whether nexus adds a default route from upstream router and propagate it to ftd, i can see the default route in nexus now but there is nothing on the ftd

MHM Cisco World · ‎11-26-2023

Ok' let return to nsk-ftd

In nsk add

Default information originate route-map mhm

Route-map mhm permit 10

Set forward address

Note:- add this command under vrf context of ospf in nsk.

MHM

MHM Cisco World · ‎11-26-2023

Any update?

If not working

Can you share

Show ip ospf database external

great.mathmatician11 · ‎11-26-2023

Yeah doing it now, i donot understand the route-map -> set forward address? what address does it need to be?

MHM Cisco World · ‎11-26-2023

Set forward address

No need IP it make nsk set forward address ip automatically point to nsk interface connect to ftd.

great.mathmatician11 · ‎11-26-2023

great.mathmatician11 · ‎11-26-2023

This is the output from the FTD - No luck

MHM Cisco World · ‎11-26-2023

If 1.1.1.1 is appear then that good'

The routing bit set is missing from defualt route' which make route appear in ospf db and missing from rib.

Can you do following

Remove always

Remove static route to null0 for defualt

Config defualt route in nsk toward corw SW or router' make sure the next-hop of this new defualt route learn via O IA not E1/E2' i.e. config ospf under it' and check again.

great.mathmatician11 · ‎11-26-2023

great.mathmatician11 · ‎11-26-2023

tried that still no luck!

great.mathmatician11 · ‎11-26-2023

The upstream router is learning an e2 default route from the nexus in ospf but FTD is not learning! do i need to raise a TAC case?

MHM Cisco World · ‎11-26-2023

Can I see final nexus you try

For open TAC' sure it last option here' but I think it issur of ospf not platform.

MHM

great.mathmatician11 · ‎11-26-2023

This is the ask, I have tried this on ASA in my lab and it accepts the e2 default route but the FTD in the live environment does not accept the default route and this is going to mess up my design.

great.mathmatician11 · ‎11-26-2023

great.mathmatician11 · ‎11-26-2023

below is the configs from the FTD: