From: pablo.smiraglia@verizon.com
Date: Mon Sep 18 2006 - 14:38:11 ART
be careful with this solution. Although the route may be required, it does
not explain the symptom you described before: "my configuration works only
when i allow the bgp to pass through the PIX via ACL from outside to
inside"
my 2c.
pablo.
"2nd CCIE" <doubleccie@yahoo.com>
Sent by: nobody@groupstudy.com
09/18/2006 12:34 PM
Please respond to
"2nd CCIE" <doubleccie@yahoo.com>
To
"Danshtr" <danshtr@gmail.com>
cc
ccielab@groupstudy.com, security@groupstudy.com
Subject
Re: BGP through pix
You are the man !
that actually was the problem .. i just had a default route (not
specific route ) to reach the ebgp multihop network
once i put the specific route to the multihop neighbor ...it worked
peacefully
NOW ...why on earth Cisco is doing that ? a default route is not enough
.??
really sux
Danshtr <danshtr@gmail.com> wrote:
From 12.2 and 12.3 configuration guide:
Router(config-router)# neighbor {ip-address | peer-group-name}
ebgp-multihop
Allows BGP sessions, even when the neighbor is not on a directly connected
segment. The multihop session is not established if the only route to the
address of the multihop peer is the default route ( 0.0.0.0).
on 12.4 I couldn't find such restriction.
HTH
On 9/18/06, 2nd CCIE < doubleccie@yahoo.com> wrote: Guys
I have a confusion here
R1-----------pix>>--------R2
if i configure R1 to peer with R2 and R2 to peer with R1 using the
update-source loopback and the ebgp-multihop options ...do i still need to
allow BGP on the External ACL of the PIX ?? ...why not R1 to peer with R2
( not the other way around ) without enabling anything on the PIX .
my configuration works only when i allow the bgp to pass through the PIX
via ACL from outside to inside .
is there a way to force the peering direction ?
thx
---------------------------------
Talk is cheap. Use Yahoo! Messenger to make PC-to-Phone calls. Great
rates starting at 1"/min.
This archive was generated by hypermail 2.1.4 : Sun Oct 01 2006 - 16:55:40 ART