Cisco ASA 5505 Configuration Manual page 394

Customizing OSPF
This area includes the settings for entering the password when password authentication is enabled. The
following fields are editable:
• Enter Password—Enter a text string of up to eight characters.
Re-enter Password—Reenter the password.
•
Choose the settings for MD5 IDs and Keys in the ID area.
Step 6
This area includes the settings for entering the MD5 keys and parameters when MD5 authentication is
enabled. All devices on the interface using OSPF authentication must use the same MD5 key and ID.
Options and fields include:
• Key ID—Enter a numerical key identifier. Valid values range from 1 to 255. This field also displays
the Key ID for the interface selected.
Key—An alphanumeric character string of up to 16 bytes. This field also displays the Key ID for the
•
interface selected.
Click the Add or Delete button to add or delete the specified MD5 key to the MD5 ID and Key table.
Click OK.
Step 7
Step 8 Click the Properties tab.
Step 9 Choose the interface that you want to edit. Double-clicking a row in the table opens the
dialog box for the selected interface.
Click Edit.
Step 10
The Interface text field displays the name of the interface for which you are configuring OSPF
properties. You cannot edit this field.
Check or uncheck the Broadcast check box to specify that the interface is a broadcast interface.
Step 11
By default, this check box is selected for Ethernet interfaces. Uncheck this check box to designate the
interface as a point-to-point, non-broadcast interface. Specifying an interface as point-to-point,
non-broadcast lets you transmit OSPF routes over VPN tunnels.
When an interface is configured as point-to-point, non-broadcast, the following restrictions apply:
You can define only one neighbor for the interface.
•
You need to manually configure the neighbor. (See the
•
on page
You need to define a static route pointing to the crypto endpoint. (See the
•
Default Routes" section on page
If OSPF over the tunnel is running on the interface, regular OSPF with an upstream router cannot
•
be run on the same interface.
You should bind the crypto-map to the interface before specifying the OSPF neighbor to ensure that
•
the OSPF updates are passed through the VPN tunnel. If you bind the crypto-map to the interface
after specifying the OSPF neighbor, use the clear local-host all command to clear OSPF
connections so the OSPF adjacencies can be established over the VPN tunnel.
Step 12 Configure the following options:
• Enter a value in the Cost field which determines the cost of sending a packet through the interface.
The default value is 10.
• In the Priority field, enter the OSPF router priority value.
When two routers connect to a network, both attempt to become the designated router. The devices
with the higher router priority becomes the designated router. If there is a tie, the router with the
higher router ID becomes the designated router.
Cisco ASA 5500 Series Configuration Guide using ASDM
21-10
21-14.)
19-2.)
Chapter 21
"Defining Static OSPF Neighbors" section
"Configuring Static and
Configuring OSPF
Properties tab
OL-20339-01