Solved: OSPF Route Issue

karamalomari · ‎05-31-2022

I have a Router that is connected to High Availability Firewall using 2 different interfaces on the Router.

The interfaces are layer 3 interfaces with the HA Firewall.

The router is receiving the internal routes from the Firewall on both Interfaces.

The routes are preferred on the router from the second interface and I would like to change it to first interface.

When giving the command on Second Interface

show ip ospf interface g0/2 | inc Cost

The output:

Process ID 1, Router ID 10.10.10.1, Network Type BROADCAST, Cost: 1

Also, when giving the command on First Interface

show ip ospf interface g0/2 | inc Cost

The output:

Process ID 1, Router ID 10.10.10.1, Network Type BROADCAST, Cost: 1

Now the question I want the router to prefer the first interface not the second interface, so can I do that by increasing the cost under Second Interface? or is there a different way?

MHM Cisco World · ‎06-15-2022

as mention before, ASA HA work as Active/standby and ONLY active is forward traffic the standby is not until failover happened.

FW default route toward WAN router 
FW subent route toward Core SW

in WAN router


static route toward active ASA interface.

remember that during the failover the standby will use previous active ip and that make WAN router never detect change and you don't have any issue with FW.

View solution in original post

Jon Marshall · ‎05-31-2022

That would be the best way to do it, so just increase the cost on the second interface.

Jon