Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2092
Views
0
Helpful
1
Replies

Running OSPF over ASA Ipsec VTI

Go to solution
BVC
Level 1
Level 1

‎10-29-2021 07:04 AM

I'm currently practising the configuration of an ipsec tunnel between two ASAs. I'm using a routed based VPN with VTIs on both ASAs. Instead of using static routes I would like to use OSPF to advertise routes over the tunnel. Playing around with the OSPF and VTI config on the ASAs I can't see anything that suggests it can be done, not even with static OSPF neighbours. This old documentation says BGP is the only supported dynamic routing protocol, is this still this true? As I can setup OSPF to run over VTI using just Ipsec (no gre) on the likes of IOS routers. Any help will be greatly appreciated. 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Rob Ingram
VIP
VIP

‎10-29-2021 07:10 AM

@BVC BGP is still the only dynamic routing protocol supported on ASA when using a VTI, as of the version 9.16.

https://www.cisco.com/c/en/us/td/docs/security/asa/asa916/configuration/vpn/asa-916-vpn-config/vpn-vti.html

 

 

 

View solution in original post

0 Helpful
1 Reply 1

Go to solution
Rob Ingram
VIP
VIP

‎10-29-2021 07:10 AM

@BVC BGP is still the only dynamic routing protocol supported on ASA when using a VTI, as of the version 9.16.

https://www.cisco.com/c/en/us/td/docs/security/asa/asa916/configuration/vpn/asa-916-vpn-config/vpn-vti.html

 

 

 

0 Helpful
Customers Also Viewed These Support Documents