cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
587
Views
0
Helpful
3
Replies

Help with EIGRP on ASA and site-to-site VPN

burleyman
Level 8
Level 8

I have a core switch running EIGRP and it connects to the ASA which also has EIGRP running. How can I setup EIGRP so the Site-to-Site VPN subnets are propagated throughout the EIGRP AS? ASA is running 8.2(5).

 

Mike

3 Replies 3

Jon Marshall
Hall of Fame
Hall of Fame

Hi Mike

I have never used it but Reverse Route Injection will automatically add static routes for your VPNs and inject them into a dynamic routing protocol for you.

According to this link from ASA 8.x it is also supported for EIGRP -

http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/107596-asa-reverseroute.html

like I say never used it so can't say for sure how well it works.

if it doesn't work then you could either -

1) add statics to the ASA and manually redistribute into EIGRP

or

2) add statics to your core switch pointing to the ASA for the remote networks

so a number of options and one of them should work at least.

Jon

That is where I was going but thought I would check to make sure there was not something I missed. I have used Reverse Route Injection and it does work great.

Now I should not add the subnets in the "Network" statement under EIGRP correct, just redistribute the Static routes?

 

Thanks Jon, hope things are going good for you. Oh yeah, Go Flames! that is still your team right?

Mike

Now I should not add the subnets in the "Network" statement under EIGRP correct, just redistribute the Static routes?

Correct.

Hope your good as well.

Edit - football for me and I think you know who my team are :-)

Jon

Review Cisco Networking for a $25 gift card