Open Shortest Path First (OSPF) is an Interior Gateway Protocol (IGP) that exists under the sub-category of the link-state routing protocol. OSPF can be used in environments or networks that have a variety of vendors' equipment and each needs to exchange routing information amongst themselves. The ASA can facilitate the OSPF routing protocol to exchange network information and paths between its neighbors.
To get started, navigate to Configuration | Device Setup | Routing | OSPF | Setup on the ASDM.
Here we have the options to enable the OSPF routing protocol on the ASA. Click the checkbox, as displayed in the following screenshot, to enable OSPF Process 1. Then, let's set the OSPF Process ID to 1:
If the ASA has a default route that needs to be redistributed, using the OSPF routing protocol, to other routers or firewalls that are OSPF-enabled, this can be achieved by clicking the Advanced... button and then clicking on the checkbox that says Enable Default Information Originate:
Enabling the OSPF protocol is only the first step, now we need to advertise the network(s) that are connected to or are on the Inside interface of the ASA. With reference to the topology in the previous section (Static routing), we'll need to advertise both the 192.168.2.0/24 and 192.168.1.0/24 networks.
Next, click on the Networks tab and then click on Add:
Here we are able to add the networks to our OSPF Process 1. Simply enter the network-ID and subnet mask in the Area Networks section, then click on Add. Remember the backbone area for the OSPF is always Area ID: 0:
On the window, you can turn on route authentication for OSPF Process 1. Route authentication enables the router or ASA to provide authentication between its neighbors before they can exchange routing information.
Once you're finished adding your networks, click on OK.
The ASDM will carry to back to the Area/Networks tab and display the newly-added route:
Once you have completed all the configurations or modifications, click Apply and save your configurations.