Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
655
Views
0
Helpful
2
Replies

ASA 5515 multiple ASN

Go to solution
Gumper
Level 1
Level 1

‎03-24-2022 04:11 PM

I have a Cisco ASA 5515 that has been the border of an iBGP enterprise. Our internet provider installed a static route to pass our public IP space directly to us. We pass certain subnets of this public IP space into our enterprise network segments. The iBGP between these segments, routers, other firewalls all work great. They all utilize private ASNs. 

We are now switching to a new provider. This provider is requiring eBGP and expects us to advertise our public IP ranges. ASA BGP
I have been able to configure BGP neighbors utilizing remote and local as options to mask the ASN assigned by the provider. 

My question - how can I advertise only specific blocks (i.e. /24) to this one neighbor? I have been trying maps and filters without much success. Often, when the networks are public address ranges that exist within the enterprise, the maps expose the private ASNs and next hops even though the maps are configured to prepend or replace those details. 
I do not want to redo the entire iBGP ASNs. 

Is there any way to statically advertise network 1, 2, 3 to a specific BGP neighbor?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Gumper
Level 1
Level 1
In response to Gumper

‎03-25-2022 09:12 AM - last edited on ‎03-27-2022 07:49 PM by Community Manager

Finally found the solution. 

On the neighbor command it needs to be as follows:

 

neighbor ISP local-as 5678 no-prepend replace-as

 

Everything immediately it up.

 

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Gumper
Level 1
Level 1

‎03-25-2022 06:37 AM

Made some more progress last night.

I am not able to advertise the route to the one Neighbor, but the AS prepend is not working.

Below are the current config details.

 

router bgp 65100
  neighbor 192.168.1.1 remote-as 65200
  neighbor 192.168.1.1 description Cust1
  neighbor 192.168.1.1 password ******
  neighbor 192.168.1.1 timers 10 30
  neighbor 192.168.1.1 activate
  neighbor 192.168.2.1 remote-as 65300
  neighbor 192.168.2.1 description Cust2
  neighbor 192.168.2.1 password ******
  neighbor 192.168.2.1 timers 10 30
  neighbor 192.168.2.1 activate
  neighbor 192.168.3.1 remote-as 65400
  neighbor 192.168.3.1 description Cust3
  neighbor 192.168.3.1 password ******
  neighbor 192.168.3.1 timers 10 30
  neighbor 192.168.3.1 activate
  neighbor ISP remote-as 1234
  neighbor ISP local-as 5678
  neighbor ISP description Prov1
  neighbor ISP password ******
  neighbor ISP timers 10 30
  neighbor ISP activate
  neighbor ISP next-hop-self
  neighbor ISP remove-private-as
  neighbor ISP route-map ISP_Route_Map out
  redistribute static route-map ISP_Route_Map
  no auto-summary
  no synchronization
exit-address-family

route-map ISP_Route_Map, permit, sequence 1
  match ip address prefix-lists: ISP_Prefix_List
  set ip next-hop x.x.x.x
  set as-path prepend 5678 5678 5678

show bgp neighbor ISP advertised-routes
  Network     Next Hop   Metric   Weight    Path
  y.y.y.y/24    x.x.x.x        0          32768      ?
0 Helpful

Go to solution
Gumper
Level 1
Level 1
In response to Gumper

‎03-25-2022 09:12 AM - last edited on ‎03-27-2022 07:49 PM by Community Manager

Finally found the solution. 

On the neighbor command it needs to be as follows:

 

neighbor ISP local-as 5678 no-prepend replace-as

 

Everything immediately it up.

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card