Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
2813
Views
0
Helpful
0
Comments

Quick configuration sample on BGP Passthrough

athukral
Level 1
Level 1

‎12-13-2011 12:11 AM - edited ‎03-08-2019 06:43 PM

[toc:faq]

Introduction

This  document is a quick reference to configure BGP pass through Firewall  device.

Concept:

As we all  know that ASA do port randomization whenever traffic traverses through  ASA, that is why BGP does not work through the ASA. Hence, we need to do  appropriate configuration on ASA so that bgp traffic can traverse  through ASA.

Prequisite:

Routers and ASA

Network Diagram

bgp.JPG

Configuration

access-list outside permit tcp host 1.1.1.1 host  2.2.2.2 eq bgp

tcp-map bgp

tcp-options  range 19 19 allow

class-map  bgp

match port tcp eq  bgp

policy-map  global_policy

class bgp (where bgp  is class name )

set connection  random-sequence-number disable

set connection  advanced-options bgp (where bgp is tcp-map name)

I  hope this quick document is helpful to you and i want to thank you for  your time.

.

Verify

show service-policy

Related Information

http://www.cisco.com/en/US/tech/tk365/technologies_configuration_example09186a008009487d.shtml

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents