OSPF – How to Announce NAT’d Outside Addresses on Cisco ASA

cisco-asa ospf

Device arrangement is as follows:

   BGP Peers
       +
       |
       |
+------+-------+
|              |
| Juniper MX5  |
|              |
+------+-------+
       |.254
  OSPF | 10.0.1.0/24
       |.1
+------+-------+
|              |
|  Cisco ASA   | ASA NAT
|              | 10.0.0.1 <> 134.0.15.1
+------+-------+
       |.254
       |10.0.0.0/24
       |.1
+------+-------+
|              |
|    HOST1     |
|              |
+--------------+

If you have the ASA performing NAT to address space that is not statically routed to it, how do you get the NAT'd addresses announced into the OSPF zone so the router at the top (Juniper MX5) knows how to reach it?

(FYI this is a largely simplified slice out of a much larger network purely to demonstrate the components involved in this problem)

Best Answer

Typically you would install a static route on the upstream device (the Juniper MX5 in this example) pointing to the NAT outside network, rather than trying to advertise the network from the ASA. At least, that's how I always go about it.