From: Jens Petter (jenseike@start.no)
Date: Tue Dec 12 2006 - 02:46:29 ART
I would agree with this. But the problem is general... it will be there if
you also had 10 routeres between the bgp peers.. no pix..
Mvh
Jens Petter Eikeland
Mob 98247550
Hipercom AS
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
christianus sandjaja
Sent: 12. desember 2006 05:28
To: Petr Lapukhov
Cc: ccielab@groupstudy.com; security@groupstudy.com
Subject: Re: BGP through PIX Question
How about something like this one :
interface loopback0
ip address
152.1.30.1 255.255.255.0
router bgp 1
no synchronization
bgp router-id
1.1.1.1
bgp log-neighbor-changes
neighbor 2.2.2.2 remote-as 2
neighbor 2.2.2.2
password CISCO
neighbor 2.2.2.2 ebgp-multihop 5
no auto-summary
ip route
0.0.0.0 .0.0.0.0 to PIX inside address
pix
static (inside,outside) 1.1.1.1
152.1.30.1 netmask 255.255.255.255 norandomseq
static (outside,inside) 2.2.2.2
152.1.1.1 netmask 255.255.255.255 norandomseq
R2
interface Loopback0
ip
address 152.1.1.1 255.255.255.0
router bgp 2
no synchronization
bgp router-id
2.2.2.2
bgp log-neighbor-changes
neighbor 1.1.1.1 remote-as 1
neighbor 1.1.1.1
ebgp-multihop 5
neighbor 1.1.1.1 password CISCO
no auto-summary
But of course
its need 2 static entry on the PIX
CMIIW
Thanks
Chris
This archive was generated by hypermail 2.1.4 : Tue Jan 02 2007 - 07:50:37 ART