09-27-2012 09:28 AM - edited 03-11-2019 05:00 PM
I am trying to configure my ASA 5545 firewall in area 0 but when I do so, the neighbor relationship never establishes. A debug on OSPF gives only one response:
OSPF: Input packet ignored.
Here is my configuration:
ASA 5545:
router ospf 65310
router-id 10.222.171.161
network 10.0.0.0 255.0.0.0 area 0
area 0 authentication message-digest
log-adj-changes
interface GigabitEthernet0/1.20
vlan 20
nameif INSIDE
security-level 100
ip address 10.222.171.161 255.255.255.248
ospf message-digest-key 1 md5 *****
ospf authentication message-digest
4948E:
router ospf 65310
router-id 167.68.126.136
log-adjacency-changes
area 0 authentication message-digest
passive-interface default
no passive-interface Vlan20
network 10.222.171.164 0.0.0.0 area 0
interface Vlan20
description wan-eag-diste-fw1 INSIDE
ip address 10.222.171.164 255.255.255.248
ip ospf message-digest-key 1 md5 test
I have already verifed that the key matches on both neighbors. Any idea why the ASA is ignoring the input packets?
09-27-2012 11:38 AM
Hello Jonathan
can you try to do the following
router ospf 65310
no network 10.0.0.0 255.0.0.0 area 0
network 10.222.171.160 255.255.255.248 area 0
Regards
Harish.
09-28-2012 06:34 AM
Hi Harish,
I actually tried that and it did not work either. Interesting enough though, I added failover configuration with the secondary ASA and the OSPF neighbor relationship came up with the directly connected switch. I am not sure why this would have caused the neighbor relationship to work.
Thanks for the reply!
09-27-2012 01:01 PM
Have you got matching mtu? What does debug ospf events and debug ospf packet give you?
Sent from Cisco Technical Support Android App
09-28-2012 06:36 AM
Hi Barrie,
The MTU's do match. The debug only shows "OSPF: Input Packet Ignored." Interesting enough though, I added failover configuration with the secondary ASA and the OSPF neighbor relationship came up with the directly connected switch. I am not sure why this would have caused the neighbor relationship to work.
Thanks for the reply!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide