Solved: FMC EIGRP VPN Route

Rene Mueller · ‎05-29-2024

Hi,

we have a FTD managed via FMC with 2 EIGRP Interfaces, one internal for Campus LAN and one DMZ to reach the DMVPN Hub routers for branch offices. We have EIGRP in place for dynamic routing. There is a site2site vpn configured on FMC and I would like to propagate this subnet into EIGRP for our branch offices. I am not really sure how to do this via FMC. Do I have to add a static route and redistribute static? FMC has version 7.2.5 so no Flexconfig needed anymore for EIGRP.

Giuseppe Larosa · ‎05-29-2024

Hello @Rene Mueller ,

so based in your network diagram you would like to propagate prefix 10.164.47.0/24 from FTD to the DMVPN Hub router using EIGRP.

You could configure a static route pointing to the FTD public interface and then redistribute it into EIGRP using a route-map to match this prefix

Hope to help

Giuseppe

View solution in original post

MHM Cisco World · ‎05-29-2024

DMVPN connect to FTD DMZ ?

FTD dont support DMVPN

can you share the topolgy ?

MHM

Rene Mueller · ‎05-29-2024

Yes, your right, however, DMVPN is only used on those VPN routers in branch direction. Between the vpn router and the ftd/fmc it is just eigrp transfer routing.

MHM Cisco World · ‎05-29-2024

draw the topolgy if you can

MHM

Rene Mueller · ‎05-29-2024

Here:

I want that the FW propagates the VPN Subnet into EIGRP so that it is reachable from a branch office.

Giuseppe Larosa · ‎05-29-2024

Hello @Rene Mueller ,

so based in your network diagram you would like to propagate prefix 10.164.47.0/24 from FTD to the DMVPN Hub router using EIGRP.

You could configure a static route pointing to the FTD public interface and then redistribute it into EIGRP using a route-map to match this prefix

Hope to help

Giuseppe

MHM Cisco World · ‎05-30-2024