Re: BGP Through PIX Question #1

From: Kal Han (calikali2006@gmail.com)
Date: Fri Dec 01 2006 - 03:31:46 ART

• Next message: Lab Rat #109385382: "RE: BGP Through PIX Question #1"
• Previous message: yan_zhg: "about telecityredbus"
• Maybe in reply to: Lab Rat #109385382: "BGP Through PIX Question #1"
• Next in thread: Lab Rat #109385382: "RE: BGP Through PIX Question #1"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

when I keep the acl with
permit tcp host x.x.x.x eq bgp host x.x.x.x
permit tcp host x.x.x.x host x.x.x.x eq bgp
Then I did not see this problem.

With only one acl, I think its possible to see
the problem till the peer you want to initiate
the connections actually initiates the connection.

Thanks
Kal

On 11/30/06, Lab Rat #109385382 <techlist01@gmail.com> wrote:
>
> Have you guys ever ran in the situation where, after clearing xlate on the
> PIX (or something along those lines), the BGP peer authentication starts
> going haywire on one of the end-points? It's the message "...Invalid MD5
> digest from x.x.x.x (179) to x.x.x.x (11000) (RST)"
>
> Well, I've now run into this more than once, and I can never get it to go
> away unless I reload the router or I wait for like 10 minutes.
>
> Is this normal? Has anyone else seen this?
>
> Thanks,
>
> Eddie

• Next message: Lab Rat #109385382: "RE: BGP Through PIX Question #1"
• Previous message: yan_zhg: "about telecityredbus"
• Maybe in reply to: Lab Rat #109385382: "BGP Through PIX Question #1"
• Next in thread: Lab Rat #109385382: "RE: BGP Through PIX Question #1"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Tue Jan 02 2007 - 07:50:36 ART