>Greetings all,
>
>Please forgive me if am asking the same question over and over.
>
>What is the best way to configure the PIX to pass OSPF (Multicast traffic).
>I'm adding PIX firewall to regional sites and need to pass OSPF.
>
>Cloud-----------------router----------PIX-------------router
>
>thanks,
>
>Nabil
There are several issues here.
1. OSPF packets have a TTL of 1. So, if the PIX is considered a router
here, the packets should not pass it.
2. Assuming this is your complete configuration, what is the benefit of
having OSPF to the regional sites? If there is only a single path between
the cloud and the remote site, why not simply have a default route from
the remote site to the cloud, and have a static route from the distribution
tier router to the remote site?
You could redistribute either aggregated or nonaggregated static routes
from the distribution routers into OSPF.
Some people might argue that using static routes means more configuration,
but remember that you have to manage the address space for the
remote sites.
It should not be complicated to have the software that assigns remote
address space to generate, as well, the static route statements, and
automatically include these into distribution configurations with copy
tftp running| startup (with the network, not host, option) or with telnet.
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
