Configure OSPF in Juniper NetScreen firewall
Starting with ScreenOS 4.0.0r1, the Open Shortest Path First (OSPF) routing protocol is supported on the NetScreen-5XT, NetScreen-25, NetScreen-50, NetScreen-500, and NetScreen-5200.
Follow the steps below.
- Log in to the Web UI and navigate to Network -> Routing -> Virtual Routers.
- Here you can see the current configuration for your trust-vr and untrust-vr.
- We need to a) create an access list, b) create a route map, and c) bind these to OSPF.
- Create an access list. In the trust-vr row, under Access-List, click on the “0”. In the snap it's 1, as there is already an access list configured.
- Click on NEW and add the details for the options shown below.
- Give an Access List ID, like 10.
- Set the Sequence No., say 1, and the network that will be advertised, like 10.50.0.0/16, then click OK.
- We can always add more networks by selecting “Add Seq No”, as shown below.
- Now configure the route map. Go back to the Virtual Routers page and click on the “0” below the Route Map option.
- Click on NEW and fill in the options: give it a name like “rtmap1”, set Action to Permit, and select the Access List check box. Select OK.
- Now select “Redistributable Rules” and select the route map that we created.
- Now select the routing protocols that need to be redistributed and click Add.
This basically means that if there is a static route on the firewall for 10.50.10.0/24 and we have advertised the whole 10.50.0.0/16, the 10.50.10.0/24 route will be seen as its own specific entry in the OSPF routing table.
Well, this does it.
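To check what the redistribution rule will actually put into OSPF before applying it, the filter can be modelled offline. The following is an added example, not ScreenOS code or output: it assumes the behaviour described above (an access-list entry matches any route inside its network), assumes routes matching no entry are not redistributed, and uses a constructed routing table.

```python
import ipaddress

# Constructed model of the objects created in the Web UI steps above.
# Access list 10: (sequence number, action, network)
ACCESS_LIST_10 = [
    (1, "permit", ipaddress.ip_network("10.50.0.0/16")),
]
ROUTE_MAP_RTMAP1 = {"action": "permit", "access_list": ACCESS_LIST_10}


def access_list_action(access_list, prefix):
    """Return the action of the first entry (lowest sequence number)
    whose network contains the prefix, or None if nothing matches."""
    for _seq, action, network in sorted(access_list, key=lambda e: e[0]):
        if prefix.version == network.version and prefix.subnet_of(network):
            return action
    return None  # assumption: no match means the route is not redistributed


def redistributed(route_map, routes, protocols=("static",)):
    """List the prefixes that the route map would redistribute into OSPF."""
    selected = []
    for protocol, prefix in routes:
        if protocol not in protocols:
            continue  # only protocols added under Redistributable Rules
        matched = access_list_action(route_map["access_list"],
                                     ipaddress.ip_network(prefix))
        if matched == "permit" and route_map["action"] == "permit":
            selected.append(prefix)
    return selected


# Constructed sample routing table: (source protocol, prefix)
SAMPLE_ROUTES = [
    ("static", "10.50.10.0/24"),     # inside 10.50.0.0/16: redistributed
    ("static", "10.60.0.0/16"),      # outside the access list
    ("static", "10.0.0.0/8"),        # less specific than the entry: no match
    ("static", "0.0.0.0/0"),         # default route must not leak into OSPF
    ("connected", "10.50.20.0/24"),  # protocol not selected for redistribution
]

if __name__ == "__main__":
    for prefix in redistributed(ROUTE_MAP_RTMAP1, SAMPLE_ROUTES):
        print("redistributed into OSPF:", prefix)
```

Running the same check against an export of the firewall's real static routes shows whether the access list is narrower or wider than intended.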