ScreenOS Firewalls (NOT SRX)
Trusted Contributor
Posts: 447
Registered: ‎11-11-2008

Filtering OSPF route Advertisement

Hi All,


         I  have a Site to site SSG to SSG VPN connection which is doing OSPF.  My head office has about 500 routes due to all the remote offices.  All the remote offices have an this site to site connection with OSPF.  Essentially the Remote offices need the routes for a select few places but since OSPF is running the remote sites get all 500 routes in their routing table.  


        Is there a way I can filter and only send the 5-6 routes that are important throug the OSPF tunnel.  The filtering would happen on a SSG 550.


ps.  I dont want to just add statics at the remote sites because I actually have two SSG's with two different internets and OSPF calculates my failover.  Everything works great I would just like to make my routing tables smaller.




Super Contributor
Posts: 141
Registered: ‎11-18-2008

Re: Filtering OSPF route Advertisement

All OSPF neighbors in the same area have the same SPF database so you cannot send only 5 routes.


You can use mutiple areas and summarize routes coming from the backbone.


Hope this helps,



Regular Visitor
Posts: 6
Registered: ‎11-25-2008

Re: Filtering OSPF route Advertisement

Hello Cesar,


I think Site to Site VPN tunnels must be in Area 0. right?.




Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.