How to redistribute routes in the configured OSPF area in Screenos (Juniper Firewall)

This tutorial will explain How to redistribute routes in the configured OSPF area in Screenos (Juniper Firewall).

Procedure to follow

Configure an access list for the network to redistribute in OSPF:

WebUI:

Go to Network > Routing > Virtual Router > Access Lists.

CLI:

Set vr
set access-list
set access-list Permit ip
exit

Configure a Route Map and match the access-list to it:

WebUI:

Go to Network > Routing > Virtual Router > Route Maps.

CLI:

Set vr
set route-map name permit
set match ip
exit

Apply this Route-Map to the OSPF instance, in Redistribution rules, which is under the virtual router:

WebUI:

Go to Network > Routing > Virtual Router (OSPF)>Redistribution Rules and select the source protocol, from which the routes will be re-distributed to OSPF.

CLI:

Set vr
set protocol ospf
set redistribute route-map protocol exit

Example

Redistribute the 192.168.1.0/24 network to the 0 OSPF area. OSPF has to be correctly configured, prior to configuring the route export.

From the command line interface (CLI):

Define the access list to permit or deny specific network:

Lab->set vr untrust-vr [Enter]
Lab(untrust-vr)-> set access-list 10 permit ip 192.168.1.0/24 5 [Enter]

Define the route map to match the access list:

Lab(untrust-vr)-> set route-map name REDIS-TR-ROUTES permit 5 [Enter]
Lab(untrust-vr/Redis-tr-routes-5)-> set match ip 10 [Enter]
Lab(untrust-vr/Redis-tr-routes-5)->exit [Enter]
Lab(untrust-vr)->

Apply the route map to the OSPF instance:

Lab(untrust-vr)-> set protocol ospf redistribute route-map
REDIS-TR-ROUTES protocol import [Enter]

192.168.1.0/24 is the route import from the trust-vr; so, the protocol type is imported. Other protocol types include BGP, connected, and static.

Sponsored Link

Leave a comment

Your email address will not be published. Required fields are marked *