Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
901
Views
0
Helpful
5
Replies

FlexConfig-EIGRP help needed

cathy_shehorn
Level 1
Level 1

‎11-15-2022 11:07 AM

Working on a FlexConfig for EIGRP, have managed to work my way through most of the configuration.
Still having issues with a couple commands....
1. passive-interface $outside
2. distribute-list $acl out
when i try and deploy, the failure log always shows the fail on the first words, almost like these commands are not even compatible.  I am running FMC vs 7.0.4 with this being deployed on a FPR-1010
any help would be greatly appreciated 

 

 

0 Helpful
5 Replies 5

Rob Ingram
VIP
VIP

‎11-15-2022 11:21 AM - edited ‎11-15-2022 11:31 AM

@cathy_shehorn can you provide a screenshot of the exact error please?

You could just attempt to use the exact ASA commands and define them in the flexconfig, instead of using a variables.

Example:

router eigrp 1
 distribute-list FILTER in
 passive-interface default
 no passive-interface INSIDE

FYI, from FMC version 7.2 - you can configure EIGRP natively in the FMC GUI, without having to use FlexConfig.

0 Helpful

cathy_shehorn
Level 1
Level 1

‎11-15-2022 11:46 AM

@rob_ingram, thanks for the reply...during my searches i did see where it would be much easier to configure if we upgraded, however it is not solely up to me to do so   

When i run the "preview" it looks like everything should work fine

cathy_shehorn_0-1668540631711.png

however, when i deploy it i get the following:

cathy_shehorn_1-1668541541295.png

cathy_shehorn_2-1668541557540.png

 

0 Helpful

Rob Ingram
VIP
VIP
In response to cathy_shehorn

‎11-15-2022 11:58 AM

@cathy_shehorn it looks like you are just configuring passive-interface on a single interface, I think you need also need to configure "no passive-interface default" so all other interfaces are not in a passive interface state. Make sure that command is defined above the explictly configured "passive-interface <interfacename>"

Or do the opposite, explictly configure "passive-interface default" and then disable passive-interfaces on the required interfaces.

 

0 Helpful

MHM Cisco World
VIP
VIP
In response to cathy_shehorn

‎11-16-2022 12:34 AM

you config distribute-list using interface KDDI-to-Koito
then you passive-interface KDDI-to-Koito 

that not relate to FMC it relate to EIGRP protocol, the passive interface meaning the interface will not establish EIGRP with neighbor and not send receive prefix update through that interface 
but you config distribute list that filter the prefix update !!!
you need one of them either make interface not passive and config distribute list 
OR
config passive and remove distribute list 

0 Helpful

cathy_shehorn
Level 1
Level 1

‎11-15-2022 12:06 PM

@rob_ingram  - sorry i thought i sent this screen shot also...but it does not look like it got sent 

 

cathy_shehorn_1-1668542758007.png

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card