Burke McCrory wrote:
>
> I am trying to put a PIX into a network that uses OSPF between its
> routers. So far I haven't been able to find a way to allow the OSPF
> updates to pass through the PIX. Does anyone have any ideas or
> suggestions? Thanks.
>
> Burke McCrory
> Internet Administrator
> Oklahoma Tax Commission
> [EMAIL PROTECTED]
Good afternoon Burke,
The only way to pass ospf over an ipsec tunnel is to encap the
multicast hellos into unicast packets. I have done this using gre on
ios, not on pix. I don't believe the pix supports gre yet. You could
encap the ospf on the router behind the pix and have the pix encap the
gre, decap on the other end and whalla you have your neighbor
adjacency. Let me know if you want more detail. Ciao.
Wade B
--
Wade Blackwell
Washington Mutual Bank
[EMAIL PROTECTED]
Network Security Architect
Aol & Yahoo instant messenger csewadeb
Calendar http://calendar.yahoo.com/csewadeb
(D)206.377.7426 (C)206.930.1822 (F)206.490.6797
smime.p7s
Description: S/MIME Cryptographic Signature
