Hi edison,

I would lke to use OSPF, but my Catalyst L3 switch does not have the proper software, it only has IPBASE and the version does not allow me OSPF. So I am forced to use RIP.

What do you mean redistribute statics into the routing protocol?

Do you mean insert those static routes on the ASA (from the Sonicwall) and RIP will use them to transfer between the ASA and L3?

The sonicwall is connected to the L3 switch thus this device must have the statics.

If you want the ASA to know about these static subnets, you can redistribute static into RIP and the ASA will get them.

Now, the SonicWall must learn about the ASA subnets via other means...

okay, I would have to manually add the statics on the Sonicwall and the watchguard.

I would then add the static routes on the ASA and redistribute them into RIP.

Once I redistribute them into RIP, then the L3 switch will get them?

Do these commands look okay to you?

Router(config)#router rip

Router(config-router)#network 192.168.201.0

Router(config-router)#timers basic 30 180 180 240

Router(config-router)#passive-interface Fa0/0

Per your diagram, it shows the L3 switch is directly connected to the Sonicwall, isn't it?

It also looks like the ASA is on the same subnet, if so it may be easier just to add the static on the L3 switch, redistribute into RIP and the ASA would route via the L3 switch.

As for the ASA RIP syntax, it looks ok with the exception of missing the 'version 2' 

Hi Edison,

Yes the sonicwall and the watchguard and the ASA are connected to the L3 switch. Each of these firewalls have its own internet connection, so each subnet has its own default gatetway to the internet.

Each subnet will have a separate default gateway. Little weird.

okay, so I should add the 192.168.201.0 nework and the 192.168.202.0 network into RIP.

Then how do I add the static routes for my sonicwall.

Here are more details on the subnets and their default gateways.

Subnet                  Gateway

192.168.200.0 - 192.168.200.254

192.168.201.0 - 192.168.202.222

192.168.202.0 - 192.168.202.222

10.10.10.0 - 10.10.10.222

192.168.102.0 - 192.68.200.254   (remote networks via Sonicwall tunnels)

192.168.103.0 - 192.168.200.254 (remote networks via Sonicwall tunnels)

192.168.104.0 - 192.168.200.254 (remote networks via Sonicwall tunnels)

192.168.105-0 - 192.168.200.254 (remote networks via Sonicwall tunnels)

L3 Switch Interfaces

10.10.10.1

192.168.202.1

192.168.200.1

I have issued the commands:

router rip

network 192.168.202.0

network 192.168.201.0

version 2

no  auto-summary

Is this all I need to run on this ASA? How do I know if its working?

Hi Edison,

Okay, thanks for the commands for adding the static routes on the ASA and the L3.

I just dont think my ASA is properly configured for RIP.

When I do a show route on my ASA, I get the below:

ciscodemo(config-router)# show route

Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP

       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP

       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area

       * - candidate default, U - per-user static route, o - ODR

       P - periodic downloaded static route

Gateway of last resort is not set

Did you configure RIP in the L3 switch? if so, can you post the config?

I have not yet configured on the L3. How will they know about each other?

Well, if you don't have any other device running RIP in your network, the ASA routing table will be empty.

The L3 switch and the ASA share the same subnet (192.168.202.0) so the L3 switch will send RIP updates for other subnets not local to the ASA such as 192.168.200.0 and 10.10.10.0 while the ASA will send RIP updates for 192.168.201.0 to the L3 switch.

okay, I see, so once I hook the ASA ethernet to the L3, they will know that each other has RIP enabled and then they will just automatically share the routing table. In this case, my ASA will share its RIP table and the L3 will automatically import those routes.

Will this automatic import and sharing of the routing table, include static routes too?