[ScreenOS] Configuring OSPF on firewall

How to enable OSPF on ScreenOS firewalls
The basic instructions are documented below.

For more details, refer to the OSPF chapter in the ScreenOS Concepts & Examples Guide - Routing:
There are two steps needed to establish OSPF adjacency with other OSPF routers or firewalls:

1. Enable OSPF protocol on a specific virtual router
2. Enable OSPF on a specific interface.

The WebUI and CLI instructions are provided below:


In this example, you enable the OSPF routing instance on the virtual router trust-vr and enable OSPF on the trust interface.

Open the WebUI. For more information on opening the WebUI, go to Connecting to Your NetScreen Device Using the WebUI.

From the ScreenOS options menu, click Network, select Routing, and then click Virtual Routers.

From trust-vr, click Edit.

Image of step three

From Dynamic Routing Protocol Support, click Edit OSPF Instance.

Image of step four

Click to select OSPF Enabled.

Image of step five and six

Click OK.

Click OK.

Image of step seven

From the ScreenOS options menu, click Network, and then click Interfaces.

Image of step eight

From ethernet1, click Edit.

Image of step nine

From the Edit page, click OSPF.

Image of step ten

Click to enable Enable Protocol OSPF.

Image of step eleven and twelve

Click to enable Bind to Area, and then enter

Click Apply.

Image of step thirteen


To configure interface Ethernet3 on the ScreenOS firewall to form the adjacency with the upstream router running OSPF in area 0:

set vr trust-vr protocol ospf
set interface e3 proto ospf area

To verify the OSPF configuration:

ns-> get interf e3 proto ospf
VR: trust-vr RouterId:
Interface: ethernet3
IpAddr:, OSPF: enabled, Router: enabled
Type: Ethernet Area: Priority: 1 Cost: 10
Transit delay: 1s Retransmit interval: 5s Hello interval: 10s
Router Dead interval: 40s Authentication-Type: None
State: Designated Router DR: BDR:
RtrId: IpAddr: Pri: 1 State: Full

Other useful commands:

get route
get vr trust protocol ospf
get vr trust protocol ospf neighbor

