Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
535
Views
5
Helpful
3
Replies

eigrp tunnel question

Go to solution
julxu
Level 1
Level 1

‎01-06-2010 07:45 PM - edited ‎03-04-2019 07:08 AM

Greeting

for infrastructure traffic <->routerA<->FW<->routerB, and if both router using eigrp, except ask FW to open a hole for eigrp communication though, can I use eigrp tunnel?

I am a little confused, if I do use the eigrp tunnel, will it tunnel all traffic bypass the Firewall? can I only make turnnel with the routing protocol eigrp traffic only, so all user traffic will get firewall checked?

If it is correct method to use, please advice me an example of configuration.

Any comment will be appreciated

Thanks in advance

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marwan ALshawi
VIP Alumni
VIP Alumni
In response to julxu

‎01-07-2010 11:01 PM

in general if you have a firewall in between

you can do one of the following:

- use  a gre tunnel to bypass the firewall and make sure the firewall permit gre traffic

- let the firewall participate in the routing

- use the firewall in transparent mode

can you post your diagram of the network to understand it in more detail

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Marwan ALshawi
VIP Alumni
VIP Alumni

‎01-06-2010 09:43 PM

the traffic will go through the tunnel and the ASA will see only gre traffic !!

i think the new ASA software has support to eigrp you may configure the ASA to be part of the network

of if you looking to have the network (L3 perspectives) as there is no firewall in the path you could configure your ASA firewall in transparent mode int this mode the ASA will looks like a switch i mean L3 routers will not see it in the path and they can communicant as directly connected to the same subnet however the ASA will do firewalling in the path

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a008089f467.shtml

good luck

if helpful Rate

Go to solution
julxu
Level 1
Level 1
In response to Marwan ALshawi

‎01-07-2010 08:24 PM

Great thanks for the reply.

However, I do not have control on the firewall box. But, I want find out if I can run eigrp on routers at both site of firewall, and pass the routing table over. is it inposible?

how about I use ibgp on both end, and at my end run eigrp and ibgp? and let ibgp pass the required routing table to another end?

Please advice,

Thanks in advance

0 Helpful

Go to solution
Marwan ALshawi
VIP Alumni
VIP Alumni
In response to julxu

‎01-07-2010 11:01 PM

in general if you have a firewall in between

you can do one of the following:

- use  a gre tunnel to bypass the firewall and make sure the firewall permit gre traffic

- let the firewall participate in the routing

- use the firewall in transparent mode

can you post your diagram of the network to understand it in more detail

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card