Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1379
Views
25
Helpful
33
Replies

OSPF Connection between ASA 5525 & Nexus 9504s

Go to solution
sebbing
Level 1
Level 1

‎07-21-2022 01:25 PM - last edited on ‎08-02-2022 10:41 PM by Community Manager

Hello all,

I am having a bit of an issue with trying to get an ASA 5525 to form a neighborship with a Nexus 9504. They can see and communicate with each other via layer2 VLAN connection.

Trying to figure out what I am doing wrong. Here is stippets of the interfaces from the Nexus and the ASA.

Nexus

show interface vlan 3

interface Vlan3
description FIREWALL-INSIDE-Default-Gateway
no shutdown
mtu 9000
no ip redirects
ip address 10.50.2.8/24
no ipv6 redirects
ip router ospf 1 area 0.0.0.100
hsrp version 2
hsrp 3
name FIREWALL-INSIDE
preempt
priority 90
ip 10.50.2.2

ASA

ASA-03# sh run router
router ospf 1
router-id 10.50.2.5
network 10.50.2.0 255.255.255.0 area 100
network 10.60.0.128 255.255.255.128 area 100
area 100
log-adj-changes
!

I guess the question I have is that when I try to put in area 0.0.0.100 on the ASA it transfers it to what you see here with only 100. Is that a big deal on that matter or is it still the same "area"?

I am not sure if it is a problem but the ASA is connected to a 2960 switch, which is then connected to a pair of 93180 layer 2 nexus switches. Those are then connected to the 9504s . Pings and traceroutes go both ways at this point, so I am not sure where the breakdown is happening. Can someone assist me with this?

Thanks!

33 Replies 33

Go to solution
sebbing
Level 1
Level 1
In response to MHM Cisco World

‎07-25-2022 11:52 AM - last edited on ‎08-02-2022 11:18 PM by Community Manager

That got us somewhere! 

9504-01# ping multicast 224.0.0.5 int vlan 3
PING 224.0.0.5 (224.0.0.5): 56 data bytes
Request 0 timed out
Request 1 timed out
Request 2 timed out
Request 3 timed out
Request 4 timed out

--- 224.0.0.5 ping multicast statistics ---
5 packets transmitted,
0 packets received, 100% packet loss
9504-01# ping multicast 224.0.0.6 int vlan 3
PING 224.0.0.6 (224.0.0.6): 56 data bytes
Request 0 timed out
Request 1 timed out
Request 2 timed out
Request 3 timed out
Request 4 timed out

--- 224.0.0.6 ping multicast statistics ---
5 packets transmitted,
0 packets received, 100% packet loss
9504-01#
0 Helpful

Go to solution
MHM Cisco World
VIP
VIP

‎07-25-2022 12:14 PM 

show ip ospf traffic vlan3

 

show ip ospf interface vlan3

please share this of NSK 

0 Helpful

Go to solution
sebbing
Level 1
Level 1
In response to MHM Cisco World

‎07-25-2022 01:42 PM - last edited on ‎08-02-2022 11:19 PM by Community Manager

Well crap..  Once you put that in and I went to get the

show

command on that, I wonder if I just found the problem.

9504-01# sh ip ospf int vlan 3
Vlan3 is up, line protocol is up
IP address 10.50.2.8/24
Process ID 1 VRF default, area 0.0.0.100
Enabled by interface configuration
State DR, Network type BROADCAST, cost 40
Index 12, Passive interface
9504-01#

If that truly is passive, that would stop the transmission of the OSPF I would think. Am I correct?

Thanks!

0 Helpful

Go to solution
MHM Cisco World
VIP
VIP
In response to sebbing

‎07-25-2022 01:52 PM

I inform you in my previous post that check this point,
anyway 
I am so glad you get the issue, 
Yes Passive making NSK not send Hello and never establish the OSPF.
no passive this interface and check the OSPF.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card