Support Center > Search Results > SecureKnowledge Details
How to configure OSPF on Security Gateway & UTM-1 Edge VTI environment
Solution

Proceed as follows: 

  1. On the UTM-1 Edge, enable OSPF on the VTI by entering the following command: 
    add ospf network address <address> mask <mask> area <area>

    where:

    address - local VTI's IP Address
    mask - local VTI's subnet mask (not wildcard)
    area - OSPF area's IP Address

    For example:

    add ospf network address 1.1.1.1 mask 255.255.255.255 area 0.0.0.0

  Configure the router-id on the Edge to match the VTI address:

 set ospf router-id 1.1.1.1 

       Redistribute kernel (static) routes:

       set ospf redistribute kernel enabled true

 

 Redistribute directly connected routes:

 set ospf redistribute connected enabled true

 Toggle the OSPF process on the Edge device:

 set ospf mode all

2. On the Security Gateway, enable OSPF on the VTI by entering the following command:

network <address> <mask> area <area>

where:
address - Peer VTI's IP Address
mask - should be set to 0.0.0.0 (wildcard for host mask)
area - OSPF area's IP Address

For example:

network 1.1.1.227 0.0.0.0 area 0.0.0.0

More information regarding SecurePlatform and OSPF can be found at sk32614

3. In the following example configuration, the UTM-1 Edge VTI address is 1.1.1.1 and the Security Gateway VTI address is 1.1.1.227.

UTM-1 Edge:

 

add ospf network address 1.1.1.1 mask 255.255.255.255 area 0.0.0.0

set ospf router-id 1.1.1.1

set ospf redistribute kernel enabled true

set ospf redistribute connected enabled true

set ospf mode all

Security Gateway:

router ospf 1

router-id 1.1.1.227

network 1.1.1.227 0.0.0.0 area 0.0.0.0

redistribute direct

interface vt-first_edge

        ip ospf 1 area 0.0.0.0

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment