Hot!ospf bfd with cisco

Author
fat
New Member
  • Total Posts : 16
  • Scores: 0
  • Reward points: 0
  • Joined: 2020/08/05 23:47:50
  • Status: offline
2020/12/02 08:47:27 (permalink)
0

ospf bfd with cisco

Hello,
 
I'd like to configure OSPF BFD between Fortigate and Cisco ASA.
My settings are as follows, but it didn't work.
I found Forti sent out packets but didn't receive from ASA.
 
ASA:
interface g0/0
ospf hello-interval 1
 ospf dead-interval 3
 bfd interval 250 min_rx 250 multiplier 3


Fortigate:
config router ospf
...
config ospf-interface
edit "interco"
 set dead-interval 3
 set hello-interval 1
 set bfd enable


Thanks.
#1

3 Replies Related Threads

    emnoc
    Expert Member
    • Total Posts : 5919
    • Scores: 394
    • Reward points: 0
    • Joined: 2008/03/20 13:30:33
    • Location: AUSTIN TX AREA
    • Status: offline
    Re: ospf bfd with cisco 2020/12/02 11:16:04 (permalink)
    5 (2)
    Sounds like the cisco ASA might be setup for bfd correctly. Did you follow the cisco community and execute any debugging on the fortigate ?
     
    Ken Felix Security Blog: BFD fortiagte and junos firewalls (socpuppet.blogspot.com)
     
    I would run a the diag sniffer command and any debug options on the cisco ASA. If your sending to the cisco ASA device and not seeing response you will need to execute the show commands to ensure the interface is bfd enabled.
     
    cisco
     
    sh bfd summary 
    sh bfd drops
     
    and debug bfd 
     
    Post your findings and packet dump here.
     
    Ken Felix

    PCNSE 
    NSE 
    StrongSwan  
    #2
    fat
    New Member
    • Total Posts : 16
    • Scores: 0
    • Reward points: 0
    • Joined: 2020/08/05 23:47:50
    • Status: offline
    Re: ospf bfd with cisco 2020/12/03 06:30:43 (permalink)
    0
    Hello,
     
    Good idea. I used debug bfd on Cisco. It showed nothing.
    Finally I found out the issue.
    On ASA OSPF interface, I need to add "bfd neighbor x.x.x.x", but it didn't appear on the config output.
    The Fortigate config is the same.
     
    Thank you for your help.
    #3
    emnoc
    Expert Member
    • Total Posts : 5919
    • Scores: 394
    • Reward points: 0
    • Joined: 2008/03/20 13:30:33
    • Location: AUSTIN TX AREA
    • Status: offline
    Re: ospf bfd with cisco 2020/12/03 07:27:24 (permalink)
    0
    Ok cool glad it worked out for you.
     
    Ken Felix
     

    PCNSE 
    NSE 
    StrongSwan  
    #4
    Jump to:
    © 2021 APG vNext Commercial Version 5.5