Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

from transparent to routed - ASA supporting EIGRP

I have a ASA upgrade, where a 5520 ASA configured for transparent is currently supporting EIGRP with only ACLs - permit eigrp ..... source destination (host 224.0.0.10) - the replacement 5550 ASA will be configured for routed mode and a "router eigrp AS" process will be applied. Once an ASA is configured in routed mode, with an EIGRP router process enabled, how is the firewall configured to support EIGRP?

thanks, Kevin

1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Blue

Re: from transparent to routed - ASA supporting EIGRP

Kevin

"so, even though there are numerous ACLs assigned to, let's say, both the inside and outside ASA's interface, there no longer is the need for "permit eigrp source destination" ACLs?"

Correct, because in transparent mode the EIGRP traffic was passing through the firewall whereas in routed mode with the firewall running EIGRP this is no longer the case ie. the firewall is now an EIGRP neighbor.

Jon

4 REPLIES
Hall of Fame Super Blue

Re: from transparent to routed - ASA supporting EIGRP

Kevin

Here is the config doc section for configuring EIGRP on the ASA -

http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/ip.html#wp1092871

If you are after something specific let me know.

Jon

New Member

Re: from transparent to routed - ASA supporting EIGRP

Jon, great link, thanks

so, even though there are numerous ACLs assigned to, let's say, both the inside and outside ASA's interface, there no longer is the need for "permit eigrp source destination" ACLs?

thanks, Kevin

Hall of Fame Super Blue

Re: from transparent to routed - ASA supporting EIGRP

Kevin

"so, even though there are numerous ACLs assigned to, let's say, both the inside and outside ASA's interface, there no longer is the need for "permit eigrp source destination" ACLs?"

Correct, because in transparent mode the EIGRP traffic was passing through the firewall whereas in routed mode with the firewall running EIGRP this is no longer the case ie. the firewall is now an EIGRP neighbor.

Jon

New Member

Re: from transparent to routed - ASA supporting EIGRP

Jon, simple enough, makes sense.

thanks a bunch,

kevin

529
Views
0
Helpful
4
Replies