Will an ASA Redistribute IPSec Tunneled Subnets via EIGRP

Unanswered Question
Jan 8th, 2009

Is this possible? My ASA is not going to be my 0.0.0.0/0.0.0.0 gateway and I would like to avoid a massive table of static routes.

Thanks in advance!

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Ivan Martinon Fri, 01/09/2009 - 16:42

We have 2 options here:

Easiest is to have your remote peers connecting to your ASA to a dynamic crypto map, then you can configure Reverse Route Injection on this dynamic crypto map and and have the static routes created by RRI redistribued into EIGRP. This will cause that when the tunnel comes up RRI will automatically inject a static route to your device which will be injected to EIGRP. With static crypto maps, I believe these routes will be advertised regardless of the tunnel not being created and completed, but should follow the same principle.

Actions

This Discussion