From: Sheahan, John (John.Sheahan@priceline.com)
Date: Wed Jun 09 2004 - 10:26:22 GMT-3
if it's a Pix firewall, you can run OSPF on it with the proper version of code and redistribute
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
Dmitry Volkov
Sent: Tuesday, June 08, 2004 11:00 PM
To: 'Brian McGahan'
Cc: 'Group Study (E-mail)'
Subject: RE: EIGRP and firewalls
And keep all other traffic transparent from the firewall's perspective ?...
Or You meant something else ??
Dmitry
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On
> Behalf Of Brian McGahan
> Sent: Tuesday, June 08, 2004 2:14 PM
> To: Joseph D. Phillips; Group Study (E-mail)
> Subject: RE: EIGRP and firewalls
>
>
> Joseph,
>
> Why not just run a GRE tunnel between the routers and keep the
> EIGRP information transparent from the firewall's perspective?
>
> Brian McGahan, CCIE #8593
> bmcgahan@internetworkexpert.com
>
> Internetwork Expert, Inc.
> http://www.InternetworkExpert.com
> Toll Free: 877-224-8987 x 705
> Outside US: 775-826-4344 x 705
>
>
> > -----Original Message-----
> > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf
> Of
> > Joseph D. Phillips
> > Sent: Tuesday, June 08, 2004 12:05 PM
> > To: Group Study (E-mail)
> > Subject: EIGRP and firewalls
> >
> > I would guess that you can't form a neighborship between an EIGRP
> speaker
> > with a public address and an EIGRP speaker behind a firewall whose
> address
> > is in the private range, thanks to network address translation.
> >
> > I should think, however, that there are ways of configuring
> firewalls
> to
> > allow the multicast hello traffic transit to the necessary
> interfaces.
> The
> > firewall I use at work does routing as well.
> >
> >
> >
> > -----Original Message-----
> > From: Joe Chang [mailto:changjoe@earthlink.net]
> > Sent: Tuesday, June 08, 2004 09:54
> > To: Victor Kasacavage; Moreau, Franck; ccielab@groupstudy.com; 'Dan'
> > Subject: Re: My first but not last :( - Need your help.
> >
> >
> > I guess the question would be whether the firewall can alter the IP
> > information in EIGRP's RTP packets. Would a Cisco manufactured
> firewall be
> > able to do that?
> >
> > By the way, that's some great advice, thank you Victor.
> >
> > > RTR A ---- FIREWALL --- RTR B
> > >
> > > RTR A and RTR B use EIGRP. Make the routes in RTR A
> appear on RTR B
> > > routing table.
> > >
> > > Now, what is the problem being presented
> > > what are the possible options
> > > which is the best possible solution
> > >
> > > The problem is that EIGRP doesn't work through
> firewalls.....why? It
> is
> > > very important to understand the why part as this will
> let you know
> if
> > you
> > > really understand how EIGRP works (I'll leave this one up to the
> group)
> >
> >
> ______________________________________________________________
> _________
> > Please help support GroupStudy by purchasing your study materials
> from:
> > http://shop.groupstudy.com
> >
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
> >
> >
> ______________________________________________________________
> _________
> > Please help support GroupStudy by purchasing your study materials
> from:
> > http://shop.groupstudy.com
> >
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
>
> ______________________________________________________________
> _________
> Please help support GroupStudy by purchasing your study
> materials from:
> http://shop.groupstudy.com
>
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Sat Jul 03 2004 - 19:40:36 GMT-3