ColtM
New Contributor

OSPF Fortigate 100F and Edgerouter Infinity

Greetings,

 

I'm attempting to get OSPF working between my 100F and Edgerouter Infinity. I'm brand new to Fortinet, so I'm guessing it's something very silly that I'm overlooking, but my google-fu appears to be failing me. The problem boils down to the Fortinet side not getting the routes from the Edgerouter:

# get router info ospf route

OSPF process 0:
Codes: C - connected, D - Discard, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2

C 172.16.1.0/24 [1] is directly connected, TransitLink, Area 0.0.0.0

So I'm never seeing area 1 on the Fortinet side, but both routers are Full adjacent neighbors:

get router info ospf neighbor
OSPF process 0, VRF 0:
Neighbor ID     Pri   State           Dead Time   Address         Interface
0.0.0.1           1   Full/Backup     00:00:32    172.16.1.2      TransitLink

# run show ip ospf neighbor

Total number of full neighbors: 3
OSPF process 0 VRF(default):
Neighbor ID     Pri   State           Dead Time   Address         Interface   Instance ID
0.0.0.2           1   Full/ -         00:00:31    10.99.99.2      vti0        0
0.0.0.3           1   Full/ -         00:00:30    10.99.99.6      vti1        0
1.1.1.1           1   Full/ -         00:00:33    172.16.1.1      eth3        0

 

Here are the relevant config bits from both sides:

config router ospf
    set router-id 1.1.1.1
    config area
        edit 0.0.0.0
        next
    end
    config ospf-interface
        edit "TransitWanSide"
            set interface "TransitLink"
            set dead-interval 40
            set hello-interval 10
        next
    end
    config network
        edit 1
            set prefix 172.16.1.0 255.255.255.0
        next
    end
    config redistribute "connected"
        set status enable
    end
    config redistribute "static"
    end
    config redistribute "rip"
    end
    config redistribute "bgp"
    end
    config redistribute "isis"
    end
end

 

eth3

dead-interval 40
hello-interval 10
mtu-ignore
network point-to-point
priority 1
retransmit-interval 5
transmit-delay 1

---

show protocols ospf
area 0 {
    area-type {
        normal
    }
    network 10.99.99.0/30
    network 10.99.99.4/30
    network 172.16.1.0/24
}
area 1 {
    area-type {
        normal
    }
    network 192.168.1.0/24
    network 192.168.42.0/24
    network 10.0.8.0/24
}
parameters {
    abr-type cisco
    router-id 0.0.0.1
}
passive-interface default
passive-interface-exclude vti0
passive-interface-exclude vti1
passive-interface-exclude eth3
redistribute {
    connected {
        metric 5
    }
}

 

Any thoughts or ideas? Been scratching my head for the last few hours at this one.

Thanks!

 

ColtM
New Contributor

Well, with some further tweaks, I can see the database brief on the Fortigate side is showing area information from the directly connected and beyond, but I don't see the Fortigate taking any of the routes to these other networks; it's only showing the directly connected interface via area 0 under the OSPF routes. I've taken packet captures from the Fortigate side and Edgerouter side, and I can clearly see updates being sent to the Fortigate side, so I'm really scratching my head on this one.

emnoc
Esteemed Contributor III

I would set the network type to match the OSPF neighbor; by default, broadcast is set.

Under your OSPF configuration for the interface, set the type:

set network-type point-to-point

Ken Felix

PCNSE NSE StrongSwan
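One way to spot this mismatch from the two neighbor tables in the question, as an added example that is not part of the original posts: a Full adjacency that shows a DR role (Backup) on one end and no role (`-`) on the other means the two ends disagree on network type. The regex, function names and the single-spaced sample tables are assumptions fitted to the output quoted above.

```python
import re

# Constructed sample input: the neighbor tables quoted in the question above.
FORTIGATE = """Neighbor ID Pri State Dead Time Address Interface
0.0.0.1 1 Full/Backup 00:00:32 172.16.1.2 TransitLink
"""
EDGEROUTER = """Neighbor ID Pri State Dead Time Address Interface Instance ID
0.0.0.2 1 Full/ - 00:00:31 10.99.99.2 vti0 0
0.0.0.3 1 Full/ - 00:00:30 10.99.99.6 vti1 0
1.1.1.1 1 Full/ - 00:00:33 172.16.1.1 eth3 0
"""

IPV4 = r"\d+\.\d+\.\d+\.\d+"
# One table row: router ID, priority, State/Role, dead time, address, interface.
ROW = re.compile(
    rf"^\s*(?P<rid>{IPV4})\s+(?P<pri>\d+)\s+(?P<state>[\w-]+)/\s*(?P<role>[\w-]+)"
    rf"\s+(?P<dead>[\d:]+)\s+(?P<addr>{IPV4})\s+(?P<ifname>\S+)",
    re.MULTILINE,
)


def parse_neighbors(text):
    """Map neighbor address -> (adjacency state, DR role) for each table row."""
    return {m["addr"]: (m["state"], m["role"]) for m in ROW.finditer(text)}


def dr_election_ran(role):
    """DR/Backup/DROther means the local interface type elects a DR
    (broadcast or NBMA); '-' means it does not (point-to-point style)."""
    return role != "-"


def check_link(out_a, peer_seen_by_a, out_b, peer_seen_by_b):
    """Return a finding if the two ends disagree on network type, else None."""
    state_a, role_a = parse_neighbors(out_a)[peer_seen_by_a]
    state_b, role_b = parse_neighbors(out_b)[peer_seen_by_b]
    if dr_election_ran(role_a) != dr_election_ran(role_b):
        return (f"network-type mismatch: one end shows {state_a}/{role_a}, "
                f"the other {state_b}/{role_b}")
    return None


if __name__ == "__main__":
    # Fortigate sees the Edgerouter as 172.16.1.2; the Edgerouter sees it as 172.16.1.1.
    print(check_link(FORTIGATE, "172.16.1.2", EDGEROUTER, "172.16.1.1"))
```
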
ColtM
New Contributor

That was the missing piece, thank you so much!
