07-15-2010 10:28 AM - edited 03-11-2019 11:12 AM
Hi,
Could someone guide me how can I filter the OSPF routes in cisco ASA inside interface. I want only my private network be part of OSPF configured on ASA. But I am getting other routes too from external networks. Pls. suggest.
Thanks,
Solved! Go to Solution.
07-15-2010 02:58 PM
Hello,
Unfortunately, there does not seem to be an option on the firewall to filter routes. So, you might want to do it on the inside router itself. You can use "distribute-list
You need to make sure that this configuration does not affect any of your other devices.
Hope this helps.
Regards,
NT
07-15-2010 02:58 PM
Hello,
Unfortunately, there does not seem to be an option on the firewall to filter routes. So, you might want to do it on the inside router itself. You can use "distribute-list
You need to make sure that this configuration does not affect any of your other devices.
Hope this helps.
Regards,
NT
07-16-2010 02:06 AM
Hi NT,
Those are Type-5 AS External Link States and I tried distribute-list out
I am attching the topology too. I want few routes of Type-5 LSA's to stop to coming on R3 as well as FW. After applying distribut-list in, those routes are not there in sh ip route. But in sh ip ospf database, i can see those routes.
Pls. suggest how this can be possible.
Thanks,
07-18-2010 12:15 AM
i would suggest posting this query in routing community
because i had a similar issue and i was told by few routing experts in my org that OSPF architecture is such that we cannot block incoming routes from being sent accross firewall
what i mean is we cannot filter ospf updates like we do eigrp, the only way to stop updates coming from a different network is by stopping them at source
but as i said again i am not a routing expert, so i would suggest that this query be opened in routing community
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide