01-06-2010 07:45 PM - edited 03-04-2019 07:08 AM
Greeting
for infrastructure traffic <->routerA<->FW<->routerB, and if both router using eigrp, except ask FW to open a hole for eigrp communication though, can I use eigrp tunnel?
I am a little confused, if I do use the eigrp tunnel, will it tunnel all traffic bypass the Firewall? can I only make turnnel with the routing protocol eigrp traffic only, so all user traffic will get firewall checked?
If it is correct method to use, please advice me an example of configuration.
Any comment will be appreciated
Thanks in advance
Solved! Go to Solution.
01-07-2010 11:01 PM
in general if you have a firewall in between
you can do one of the following:
- use a gre tunnel to bypass the firewall and make sure the firewall permit gre traffic
- let the firewall participate in the routing
- use the firewall in transparent mode
can you post your diagram of the network to understand it in more detail
01-06-2010 09:43 PM
the traffic will go through the tunnel and the ASA will see only gre traffic !!
i think the new ASA software has support to eigrp you may configure the ASA to be part of the network
of if you looking to have the network (L3 perspectives) as there is no firewall in the path you could configure your ASA firewall in transparent mode int this mode the ASA will looks like a switch i mean L3 routers will not see it in the path and they can communicant as directly connected to the same subnet however the ASA will do firewalling in the path
good luck
if helpful Rate
01-07-2010 08:24 PM
Great thanks for the reply.
However, I do not have control on the firewall box. But, I want find out if I can run eigrp on routers at both site of firewall, and pass the routing table over. is it inposible?
how about I use ibgp on both end, and at my end run eigrp and ibgp? and let ibgp pass the required routing table to another end?
Please advice,
Thanks in advance
01-07-2010 11:01 PM
in general if you have a firewall in between
you can do one of the following:
- use a gre tunnel to bypass the firewall and make sure the firewall permit gre traffic
- let the firewall participate in the routing
- use the firewall in transparent mode
can you post your diagram of the network to understand it in more detail
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide