04-04-2003 01:42 PM - edited 03-02-2019 06:25 AM
Is there any way to configure ospf or eigrp to pass through a PIX??
04-04-2003 01:53 PM
Only using, and through, GRE Tunnels.
Hope this helps you,
Don
04-04-2003 06:50 PM
What are you trying to accomplish? Generally it is bad for security to run a routing protocol through a firewall (after all, if you can trust what is on the other side, why use a firewall?). If the goal is to detect the status of a router on the other side of the firewall, you can use BGP rather than an IGP. BGP is compatible with firewall filtering, including NAT if you need it, and can be easily filtered to minimize the damage that can be caused by a hostile system on the other side of the firewall.
See the white paper on my web site on Redundant Firewall Configuration to see an example of how BGP can be configured to run through a NAT firewall and used to control static routes. That way, there is no way a rogue on the far side of the firewall can insert bogus routes into the near side of the firewall.
Good luck and have fun!
Vincent C Jones
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide