from transparent to routed - ASA supporting EIGRP

Answered Question
Jul 23rd, 2009

I have a ASA upgrade, where a 5520 ASA configured for transparent is currently supporting EIGRP with only ACLs - permit eigrp ..... source destination (host 224.0.0.10) - the replacement 5550 ASA will be configured for routed mode and a "router eigrp AS" process will be applied. Once an ASA is configured in routed mode, with an EIGRP router process enabled, how is the firewall configured to support EIGRP?

thanks, Kevin

I have this problem too.
0 votes
Correct Answer by Jon Marshall about 7 years 4 months ago

Kevin

"so, even though there are numerous ACLs assigned to, let's say, both the inside and outside ASA's interface, there no longer is the need for "permit eigrp source destination" ACLs?"

Correct, because in transparent mode the EIGRP traffic was passing through the firewall whereas in routed mode with the firewall running EIGRP this is no longer the case ie. the firewall is now an EIGRP neighbor.

Jon

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
ksvy_ksvy Thu, 07/23/2009 - 10:57

Jon, great link, thanks

so, even though there are numerous ACLs assigned to, let's say, both the inside and outside ASA's interface, there no longer is the need for "permit eigrp source destination" ACLs?

thanks, Kevin

Correct Answer
Jon Marshall Thu, 07/23/2009 - 11:08

Kevin

"so, even though there are numerous ACLs assigned to, let's say, both the inside and outside ASA's interface, there no longer is the need for "permit eigrp source destination" ACLs?"

Correct, because in transparent mode the EIGRP traffic was passing through the firewall whereas in routed mode with the firewall running EIGRP this is no longer the case ie. the firewall is now an EIGRP neighbor.

Jon

Actions

This Discussion