Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
650
Views
0
Helpful
3
Replies

Route-based VPN site-to-site on ASA.

Ahmad Saad4
Level 1
Level 1

‎02-16-2019 05:32 AM - edited ‎02-16-2019 05:33 AM

Hi there!

 

I need to run OSPF over site-to-site IPsec tunnel on ASA.

basically I have HQ, and 3 branches that need to be connected to the HQ via site-to-site and most importantly to run OSPF over the IPsec tunnel instead of default route.

 

HQ :ASA5525 Version 9.6(3)1 

BR1: ASA5515  Version 9.9(2)

BR2: ASA5525 Version 9.2(2)4

BR3: ASA5516 Version 9.8(2)

 

I've read some article that only BGP is supported over VTI for ASA v9.8.

 

I will appreciate if someone can help me out.

 

Thanks!

 

 

Labels:
0 Helpful
3 Replies 3

Rob Ingram
VIP
VIP

‎02-16-2019 05:43 AM

Hi,

Even in the latest ASA version 9.10 only BGP is supported on VTI's, reference here.


HTH

0 Helpful

Ahmad Saad4
Level 1
Level 1
In response to Rob Ingram

‎02-16-2019 06:03 AM - edited ‎02-16-2019 06:06 AM

Thanks for the reply, if I don't use VTI (just Poily-based VPN) and configure OSPF on ASA (on HQ and all branches), will the branches be part of HQ's OSPF domain?

0 Helpful

Rob Ingram
VIP
VIP
In response to Ahmad Saad4

‎02-16-2019 06:15 AM

See this link, you can define ospf as non-broadcast and statically define the neighbor.


HTH

0 Helpful
Customers Also Viewed These Support Documents