Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
434
Views
0
Helpful
2
Replies

Cisco ASA OSPF

Go to solution
3moloz123
Level 1
Level 1

‎10-14-2013 01:36 AM - edited ‎03-07-2019 04:01 PM

Hi,

I have a scenario of a production environment, where ASA uses a (hsrp virtual) IP as default gateway. Since a recent upgrade, there are now two routers and in order for these to manage the routes to the ASA dynamically I need to replace their static routes for the internal network to the ASA with that of a routing protocol.

What I want to solve is:

1) Have ASA still only communicating with the VIP of the routers HSRP.

2) Let the route for 100.50.0.0/20, which goes via ASA, be dynamically added with a routing protocol to ensure that if router01 loses physical connection to Cisco ASA, then router01 knows it can go via router02 (and vice versa)

router01 (active): 100.50.0.1

router02:             100.50.0.2

cisco asa:           100.50.0.3

Inner network, 100.50.0.0/20, for which the both routers now have a static route towards the ASA.

I easily find OSPF documentation, but Im unsure how to implement this in a production environment without losing connectivity. I guess my question can be reduced to: Is it safe to follow a typical Cisco ASA OSPF documentation to add the route dynamically, and when done remove the static routes to accomodate for a convering network in the event of a failure?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Richard Burts
Hall of Fame
Hall of Fame
In response to 3moloz123

‎10-18-2013 06:57 AM

I believe that you are correct in your further assessment of your requirements. And it seems to me that using OSPF and having layer 3 redundancy is better than HSRP and layer 2 redundancy.

HTH

Rick

HTH

Rick

View solution in original post

0 Helpful
2 Replies 2

Go to solution
3moloz123
Level 1
Level 1

‎10-18-2013 02:12 AM

I realize I didn't think it through. I think either have rely on hsrp and using static routes, or scrap hsrp and use ospf. It becomes a case of layer 2 OR layer 3 redundancy - not both.

0 Helpful

Go to solution
Richard Burts
Hall of Fame
Hall of Fame
In response to 3moloz123

‎10-18-2013 06:57 AM

I believe that you are correct in your further assessment of your requirements. And it seems to me that using OSPF and having layer 3 redundancy is better than HSRP and layer 2 redundancy.

HTH

Rick

HTH

Rick
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card