OSPF and Fortigate are fairly new to me... I am planning to replace a Cisco Firepower with a Fortigate.
Currently on the Cisco Firepower there are two OSPF processes configured. One has area id 0 and the other has area-id 10, and both are connected to two different Cisco switches. Because of the two OSPF processes the areas are separated, which means cisco-sw2 doesn't receive any routes from area 10. Since Fortigate doesn't support more than one OSPF process, I have to find another solution.
How can I prevent Fortigate from distributing learned routes from area 10 to 0 (sw2)?
Current Fortigate config:
fortigate # show router ospf
config router ospf
    set router-id 220.127.116.11
    config area
        edit 0.0.0.0
        next
        edit 0.0.0.10
            set type stub
        next
    end
    config ospf-interface
        edit "clientvpn"
            set interface "port2.505"
            set dead-interval 40
            set hello-interval 10
        next
        edit "dmvpn"
            set interface "port2.503"
            set dead-interval 40
            set hello-interval 10
        next
        edit "inside"
            set interface "inside"
            set dead-interval 40
            set hello-interval 10
        next
        edit "transit"
            set interface "port2.506"
            set dead-interval 40
            set hello-interval 10
        next
    end
    config network
        edit 1
            set prefix 10.30.15.0 255.255.255.240
        next
        edit 2
            set prefix 10.30.13.0 255.255.255.240
        next
        edit 3
            set prefix 10.30.14.0 255.255.255.240
        next
        edit 4
            set prefix 10.30.16.0 255.255.255.240
            set area 0.0.0.10
        next
    end
    config redistribute "connected"
    end
    config redistribute "static"
    end
    config redistribute "rip"
    end
    config redistribute "bgp"
    end
    config redistribute "isis"
    end
end