OSPF Fortigate 100F and Edgerouter Infinity

Question

Greetings,

I'm attempting to get OSPF working between my 100F and Edgerouter Infinity, I'm brand new to fortinet so I'm guessing its something very silly that I'm over looking, but my google-fo appears to be failing me. The problem boils down to the Fortinet side is not getting the routes from the edgerouter

# get router info ospf route

OSPF process 0:
Codes: C - connected, D - Discard, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2

C 172.16.1.0/24 [1] is directly connected, TransitLink, Area 0.0.0.0

So I'm never seeing area 1 on the fortinet side, but both routers are Full adjacent neighbors

get router info ospf neighbor
OSPF process 0, VRF 0:
Neighbor ID Pri State Dead Time Address Interface
0.0.0.1 1 Full/Backup 00:00:32 172.16.1.2 TransitLink

# run show ip ospf neighbor

Total number of full neighbors: 3
OSPF process 0 VRF(default):
Neighbor ID Pri State Dead Time Address Interface Instance ID
0.0.0.2 1 Full/ - 00:00:31 10.99.99.2 vti0 0
0.0.0.3 1 Full/ - 00:00:30 10.99.99.6 vti1 0
1.1.1.1 1 Full/ - 00:00:33 172.16.1.1 eth3 0

Here is the relevant config bits from both sides

config router ospf
set router-id 1.1.1.1
config area
edit 0.0.0.0
next
end
config ospf-interface
edit "TransitWanSide"
set interface "TransitLink"
set dead-interval 40
set hello-interval 10
next
end
config network
edit 1
set prefix 172.16.1.0 255.255.255.0
next
end
config redistribute "connected"
set status enable
end
config redistribute "static"
end
config redistribute "rip"
end
config redistribute "bgp"
end
config redistribute "isis"
end
end

eth3

dead-interval 40
hello-interval 10
mtu-ignore
network point-to-point
priority 1
retransmit-interval 5
transmit-delay 1

---

show protocols ospf
area 0 {
area-type {
normal
}
network 10.99.99.0/30
network 10.99.99.4/30
network 172.16.1.0/24
}
area 1 {
area-type {
normal
}
network 192.168.1.0/24
network 192.168.42.0/24
network 10.0.8.0/24
}
parameters {
abr-type cisco
router-id 0.0.0.1
}
passive-interface default
passive-interface-exclude vti0
passive-interface-exclude vti1
passive-interface-exclude eth3
redistribute {
connected {
metric 5
}
}

Any thoughts or ideas? Been scratching my head for the last few hours at this one.

Thanks!

emnoc · Accepted Answer

I would set the network type to match the ospf neighbor by default broadcast is set  under your ospf configuration for interface, set the type set network-type point-to-point  Ken Felix

ColtM · Answer

Well with some further tweaks, I can see the database brief on the Fortigate side is showing area information from the directly connected and beyond, but I don't see the Fortigate taking any of the routes to these other networks, its only showing the directly connected interface via area 0 under the OSPF routes.  I've taken packet captures from the Fortigate side and Edgerouter side, I can clearly see updates being sent to the fortigate side, so I'm really scratching my head on this one.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded