OSPF Question 1

[jrmann1999]

Can OSPF be setup to redistribute IPSEC routes?

I have a 2600 that terminates 20-25 tunnels. IP addresses behind each are 192.168.1.0, 192.168.2.0, 3.0, 4.0, etc etc.

I'd like to use OSPF to advertise these to my ASA that sits on the same network as the 2600 so I don't have to static map them.

I've got the two setup to share OSPF, and they share both static and connected routes already, just need to know if there's a "redistribute XXX" command that can be used for IPSEC on the 2600.

Thanks.

 

[brianinms]

I am confused as to the topology, but the routes should be appear to be connected so you should be able to "redistributed connected." However, why dont you just put one static route in the asa.


ip route inside 192.168.1.0 255.255.224.0 x.x.x.x

 

[jrmann1999]

If I issue

sh ip route

On the 2600, I get only routes I have defined in the config, none of the VPN tunnels show up. Those static routes to redistribute.

I've never considered adding a ranged route, just curious if this was even possible.

 

[brianinms]

Do you have reserve route injection configured.

 

[jrmann1999]

probably not since I have no clue what that is.

 

[brianinms]

Sorry, I meant reverse route injection. It populates the VPN routes into your routing table.

http://www.cisco.com/en/US/products/ps6350/products_configuration_guide_chapter09186a0080455af1.html

 

[jrmann1999]

excellent! reverse-route works exactly as I wanted.

 

[burtsbees]

jrmann1999...I would give brian a star---this was a helpful post. Just my 2 cents...

Burt