I have read this works and have attempted to configure this with a Netscreen running version 5.2.
The netscreen sends the hello's and the Pix recieves them. I can only get the PIX to send them (what looks to be) in the clear when I enable OSPF on the outside interface. How do I get the PIX to send OSPF over the tunnel. Has any body got this working even between two PIX's?? a config example of that would help me a lot.
Have you added the necessary entry to the crypto ACL so that OSPF traffic takes the tunnel?
eg: access-list cryptomap_acl extended permit ospf interface outside host x.x.x.x
My crypto mao included the private subnets of each site. I had not done an OSPF entry in the ACL.
Would I not use the Inside as the source? and what about the Dest - should that be the Router_ID of the remote PIX?