Sorry, replying my own message. The access-list below assumes that you are able to use nat 0 command (no NAT translation will occur for the internal IP addressess to be seen from outside network). If you are doing NAT then a global and nat combination need to represent the internal IP addresses to the outside network, before applying the access-list below.
Hope you get the idea. > Since OSPF uses IP protocol 89, permit this protocol between > the two OSPF routers with access-list applied at outside and inside > PIX interfaces, something like this: > access-list 101 permit 89 host 1.1.1.1 host 2.2.2.2 > access-list 102 permit 89 host 2.2.2.2 host 1.1.1.1 > access-group 101 interface inside > access-group 102 interface outside > > At the OSPF routers, put neighbour command, so they can speak > each other directly without multicasting the hello packets. > > Hope you get the idea. > > ----- Original Message ----- > From: "pat" > To: > Sent: Tuesday, October 30, 2001 1:01 PM > Subject: OSPF across PIX [7:24608] > > > > Does anybody has any ideas on how to run OSPF across > > firewall. What ports to be open & how to make router > > esablish nighbour relations across firewall. > > > > Any thought on this will be greatly appriciated. > > > > Thanks, > > patterson. > > > > __________________________________________________ > > Do You Yahoo!? > > Make a great connection at Yahoo! Personals. > > http://personals.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=24618&t=24608 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
