View Cart
0 Items | Total: US$0.00
Welcome,      Register

You are here

Home » Security » SEC0240 - FTD 6.1 Routing - OSPF (Part 1)

SEC0240 - FTD 6.1 Routing - OSPF (Part 1)

Rating: 
5
Average: 5 (1 vote)
Difficulty Level: 
0
Lab Document: 
<Please login to see the content>
Category: 
Security
The video walks you through configuration of OSPF routing on Cisco FTD 6.1. We will go over various features and functionalities of OSPF including basic configuration, redistribution, virtual link, route filtering and summarization. 
 
Part 1 of this video covers basic OSPF, redistribution to BGP, and Virtual Link
 
Topic:
  • OSPF Routing Configuration
  • OSPF Redistribution
  • OSPF Virtual Link
  • OSPF Route Summarization (Inter-Area LSA3)
  • OSPF Route Filtering (Inter-Area LSA3)
  • OSPF Route Filtering (ASBR LSA5)
  • OSPF Route Summarization (ASBR LSA5)
  • OSPF Authentication
Tag: 
asa
firepower
sourcefire
ngfw
ftd
ospf
redistribution
summarization
filtering
authentication

About Author

Metha Chiewanichakorn, CCIE#23585 (Ent. Infra, Sec, SP), is a Cisco networking enthusiast with years of experience in the industry. He is currently working as a consulting engineer for a Cisco partner. As a founder of and an instructor at labminutes.com, Metha enjoys learning and challenges himself with new technologies.
http://www.linkedin.com/in/methachiewanichakorn

4 comments

Submitted by Jeferson Figuer... on Tue, 04/03/2018 - 15:45

Hi Metha

I'm currently implementing two firepower 2140 in Active/Standby, I have two internet service providers and I don't know how to balance the traffic from my users to internet in active/active.

Is it possible to use Flexconfig to configure Policy Based Routing, IP SLA and IP Trackers to switch the 2 Internet service provider channels?

Stay pending for your answer, thanks a lot.

Submitted by admin on Tue, 04/03/2018 - 21:57

You should look into below in order of preference

1. Terminate ISPs on internet router and run dual-homed BGP

2. Terminate ISPs on internet router and do IP SLA to track availability

3. Do what you suggested and load balance out with two default routes

4. Use PBR only if you want to have certain IP group prefer one ISP over the other.

Submitted by danletkeman on Sun, 04/08/2018 - 12:32

I am trying to setup remote access vpn but i am unable to redistribute the static route for the vpn network into ospf. When I connected with the vpn I am unable to connect to any internal network du to the fact that there is no route to the vpn network from the routers and switches behind the FTD. I have made nat exemptions and access policy allowed entries. I have tried redistributing static routes via ospf and creating a static route for the vpn network but the FTD doesn't redistribute them to the ospf neighbor. Any help would be appreciated.

Submitted by admin on Mon, 04/09/2018 - 22:10

Make sure your OSPF area type allow external routes. Check the FTD CLI and verify that the static route is there.