Re: The PIX and RIP

From: kevin gannon (kevin@gannons.net)
Date: Fri Oct 14 2005 - 14:34:11 GMT-3

• Next message: Jian Gu: "Re: Internet Browser in CCIE lab?"
• Previous message: Feldman, Jim: "The PIX and RIP"
• Maybe in reply to: Feldman, Jim: "The PIX and RIP"
• Next in thread: Brant I. Stevens: "RE: The PIX and RIP"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Unless the PIX is in transparent mode the RIP will not get accross the
PIX as the TTL of a RIP packet is 1.

GRE is an option but then it will not be possible to inspect the traffic
within the GRE as all traffic will go over the GRE.

Regards
Kevin

On 10/14/05, Feldman, Jim <Jim.Feldman@amex.com> wrote:
>
> Hi Guys,
>
> I want 2 routers to pass rip updates to each other across a PIX firewall.
> The Pix is configured to allow UDP port 520 traffic.
>
> I can think of 2 potential ways to do this:
>
> 1) Use the command, "no validate source-update" because the 2 routers
> are on 2 different subnets.
>
> 2) Set up a gre tunnel across the pix between the 2 routers.
>
>
> Am I correct that both ways will work?
>
> If so, is one way considered better?
>
> TIA, Jim
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.

• Next message: Jian Gu: "Re: Internet Browser in CCIE lab?"
• Previous message: Feldman, Jim: "The PIX and RIP"
• Maybe in reply to: Feldman, Jim: "The PIX and RIP"
• Next in thread: Brant I. Stevens: "RE: The PIX and RIP"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sun Nov 06 2005 - 22:00:51 GMT-3