ospf bfd with cisco

Forum|Forum|5 years ago
December 2, 2020
1 reply
6550 views

Hello,

I'd like to configure OSPF BFD between Fortigate and Cisco ASA.

My settings are as follows, but it didn't work.

I found Forti sent out packets but didn't receive from ASA.

ASA:

interface g0/0

ospf hello-interval 1 ospf dead-interval 3 bfd interval 250 min_rx 250 multiplier 3

Fortigate:

config router ospf

...

config ospf-interface

edit "interco"

set dead-interval 3 set hello-interval 1 set bfd enable

Thanks.

emnoc

New Member

Sounds like the cisco ASA might be setup for bfd correctly. Did you follow the cisco community and execute any debugging on the fortigate ?

Ken Felix Security Blog: BFD fortiagte and junos firewalls (socpuppet.blogspot.com)

I would run a the diag sniffer command and any debug options on the cisco ASA. If your sending to the cisco ASA device and not seeing response you will need to execute the show commands to ensure the interface is bfd enabled.

cisco

sh bfd summary

sh bfd drops

and debug bfd

Post your findings and packet dump here.

Ken Felix

fatAuthor

Visitor III

Hello,

Good idea. I used debug bfd on Cisco. It showed nothing.

Finally I found out the issue.

On ASA OSPF interface, I need to add "bfd neighbor x.x.x.x", but it didn't appear on the config output.

The Fortigate config is the same.

Thank you for your help.

emnoc

New Member

Ok cool glad it worked out for you.

Ken Felix

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded