Hi
I'd like to create second ospf process on FG 100d and 60C. Is this posible?
How to do that?
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello,
just to answer to the initial question...
It is not possible to run multiple instance of OSPF process on the Fortigate.There is only one process running (a.k.a "router ospf 0"), and each VDOM is seen as a separate VRF.
Best regards,
Benoit
My 1st question would be why? I don't think it's possible to build 2 ospf-proc in the same vdom?
2nd what are you trying to achieve ( route filtering or leaking control for routing )?
BTW, This is an feature that's easy doable in a cisco ASA but I don't recall this level of support in a fortgate & they don't ( FGT ) actually deploy ospf proc # in the fashion like that of a cisco.
PCNSE
NSE
StrongSwan
i'm thinking about second ospf process because i have problem with ospf in second vpn ipsec.
in 1st vpn - ospf works fine
but 2nd vpn - won't work in ospf.
All route is in 1st vpn.
I change the distance, but with no luck.
When i add static route accros 2nd vpn - it's ok. But i need dynamic routing.
You should really trouble-shoot the why on the 2nd ospf vpn.
Qs;
Do you have ospf-adj ?
Are you trying to build ECMP or a fallback route over the 2nd OSPF vpn?
Are the ospf-areas the same for both interfaces?
PCNSE
NSE
StrongSwan
ok now it's almost works.
The problem was defined subnets on phase 2 in vpn - when i change them to 0.0.0.0/0 all problem disappire.
OSPF working as i want.
But is one problem.
One Fortigate has os 5.2.3 and when i try change subnets to 0.0.0.0/0 it show "invalid address".
How to change it on os 5.2?
ok it's works.
In 5.2 need to be 0.0.0.0/0.0.0.0
and of course need to correct MTU, because they change default MTU beetwen <5.0 an >5.2
Hello,
just to answer to the initial question...
It is not possible to run multiple instance of OSPF process on the Fortigate.There is only one process running (a.k.a "router ospf 0"), and each VDOM is seen as a separate VRF.
Best regards,
Benoit
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1713 | |
1093 | |
752 | |
447 | |
231 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.