Screen OS

  • 1.  RIP Configuration Assistance

    Posted 03-22-2016 07:01

    I'm trying to set up 2 firewalls that currently have a point-to-point in place.  I've configured the 2 endpoints in a /29 network and confirmed connectivity across the links, but I'm not seeing the networks being advertised.  Here is the configuration on side A:

     

    set protocol rip

    set interface "ethernet0/7" zone "Trust"
    set interface ethernet0/7 ip 172.20.0.1/29
    set interface ethernet0/7 nat

    set vrouter "trust-vr"
    set router-id 192.168.1.254
    set access-list 10
    set access-list 10 permit ip 192.168.1.0/24 1
    set route-map name "InternalRoutes" permit 1
    set match ip 10

    set interface ethernet0/7 protocol rip
    set interface ethernet0/7 protocol rip enable
    set interface ethernet0/7 protocol rip route-map "InternalRoutes" out

     

    Side B:

     


    set interface "ethernet0/3" zone "Trust"
    set interface ethernet0/3 ip 172.20.0.2/29
    set interface ethernet0/3 nat


    set vrouter "trust-vr"
    set router-id 192.168.14.254
    set access-list 10
    set access-list 10 permit ip 192.168.14.0/24 1
    set route-map name "InternalRoutes" permit 1
    set match ip 10


    set interface ethernet0/3 protocol rip
    set interface ethernet0/3 protocol rip enable
    set interface ethernet0/3 protocol rip route-map "InternalRoutes" out

     

     

    What I'm trying to accomplish is the internal network at each location being advertised via RIP to the remote site (I could put in static routes but site B has an OSPF instance running w/ a 3rd location so is also learning the route that way w/ a higher metric for a backup route).

     

     

     

     



  • 2.  RE: RIP Configuration Assistance

    Posted 03-22-2016 09:45

    You need to specify what you want redistributed.  With your current config, only RIP routes would be redistributed, which I'm assuming is none.

     

    Try

     

    set redistribute route-map "InternalRoutes" protocol <BGP/OSPF/Connected/Imported/NHRP/Static>

     

    For example, if you wanted your static routes to be redistributed, you would use

    set redistribute route-map "InternalRoutes" protocol static



  • 3.  RE: RIP Configuration Assistance

    Posted 03-22-2016 10:52

    Thanks for the quick response.  I added this:

     

    set vr trust-vr
    set protocol rip
    set redistribute route-map "InternalRoutes" protocol connected

     

    and now am getting a bit closer.  I see the remote subnets now in the database, but I'm seeing the following from the 2 units:

     

    site A:

    fw1-> get route ip 192.168.14.0
    Dest for 192.168.14.0
    --------------------------------------------------------------------------------------
    trust-vr : => 192.168.14.0/24 (id=21) via 0.0.0.0 (vr: trust-vr)
    Interface tunnel.4 , metric 1

     

    site B:

     


    fw2-> get route ip 192.168.1.0
    Dest for 192.168.1.0
    --------------------------------------------------------------------------------------
    trust-vr : => 192.168.1.0/24 (id=295) via 172.20.0.1 (vr: trust-vr)
    Interface ethernet0/3 , metric 11

    potential routes in other vrouters:

    trust2-vr : => 0.0.0.0/0 (id=190) via 172.16.0.20 (vr: trust2-vr)
    Interface ethernet0/4 , metric 4

     

    So Site 2 looks to have both routes, over the point-to-point and the route that it is learning via OSPF in trust2-vr.  Site 1 has the incorrect route in the routing table.  The topology is Site 1 (FW1) has a VPN to HQ, and HQ and FW2 are both participating in an OSPF area.  HQ is advertising the Site 1 network to FW2 and allowing the traffic from Site 2 to Site 1 over the tunnel.  Site 1 has a static route as follows for the network at Site 2:

     

    set route 192.168.14.0/24 interface tunnel.2 preference 150
    set route 192.168.14.0/24 interface tunnel.4 preference 75

     

    Do I need to remove the static routes?



  • 4.  RE: RIP Configuration Assistance
    Best Answer

    Posted 03-22-2016 11:11

    Default preference for RIP is 100, so the static with preference 75 will be more preferred.



  • 5.  RE: RIP Configuration Assistance

    Posted 03-22-2016 11:33

    Sweet, perfect.  Thanks.  Updated and that corrected it.  Confirmed able to ping both ways as expected and route tables look correct on both units now.
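
The preference issue resolved above can be checked offline before a change window. The following is an added example, not part of the thread or of any Juniper tooling: it parses `set route` lines and flags static routes whose preference beats RIP's default of 100 for a prefix expected over RIP. The function names, the RIP next hop 172.20.0.2 and the static default of 20 are assumptions; the sample config is constructed from the two routes quoted in post 3.

```python
import ipaddress
import re

RIP_PREFERENCE = 100       # default RIP preference, as stated in the thread
STATIC_DEFAULT_PREF = 20   # assumption: ScreenOS default for static routes (not in the thread)

# Constructed sample: the two static routes quoted from site A.
SITE_A_CONFIG = """\
set route 192.168.14.0/24 interface tunnel.2 preference 150
set route 192.168.14.0/24 interface tunnel.4 preference 75
"""

def parse_static_routes(config):
    """Return (network, interface, preference) for every 'set route' line."""
    routes = []
    for line in config.splitlines():
        m = re.match(r"\s*set route (\S+)", line)
        if not m:
            continue
        iface = re.search(r"\binterface (\S+)", line)
        pref = re.search(r"\bpreference (\d+)", line)
        routes.append((
            ipaddress.ip_network(m.group(1), strict=False),
            iface.group(1) if iface else None,
            int(pref.group(1)) if pref else STATIC_DEFAULT_PREF,
        ))
    return routes

def shadowing_statics(config, rip_prefixes, rip_pref=RIP_PREFERENCE):
    """Static routes that win over a RIP route for the same prefix."""
    learned = {ipaddress.ip_network(p, strict=False) for p in rip_prefixes}
    return [r for r in parse_static_routes(config)
            if r[0] in learned and r[2] < rip_pref]

def active_route(config, prefix, rip_next_hop, rip_pref=RIP_PREFERENCE):
    """Winner among the statics and one RIP route for prefix (lowest preference).
    Equal preferences are not modelled; the first candidate is returned."""
    net = ipaddress.ip_network(prefix, strict=False)
    candidates = [("static", iface, pref)
                  for n, iface, pref in parse_static_routes(config) if n == net]
    candidates.append(("rip", rip_next_hop, rip_pref))
    return min(candidates, key=lambda c: c[2])

if __name__ == "__main__":
    for net, iface, pref in shadowing_statics(SITE_A_CONFIG, ["192.168.14.0/24"]):
        print(f"static {net} via {iface} (preference {pref}) overrides RIP")
    print(active_route(SITE_A_CONFIG, "192.168.14.0/24", "172.20.0.2"))
```

Run against the constructed config, it reports the tunnel.4 static (preference 75) as the route that keeps the RIP-learned path out of the table, while the tunnel.2 static (preference 150) loses to RIP.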