Technical Manual for Cisco ASA for Nexus 1000V Series Switch

ASA/PIX: BGP through ASA Configuration Example
Document ID: 6500
Contents
Introduction
 Prerequisites
      Requirements
      Components Used
      Related Products
      Conventions
 Configure
      Network Diagram
      Scenario 1
      Scenario 2
 MD5 Authentication for BGP Neighbors through the PIX/ASA
      PIX 6.x Configuration
      PIX / ASA 7.x and Later
      Verify
 Related Information
Introduction
This sample configuration demonstrates how to run Border Gateway Protocol (BGP) across a Security
Appliance (PIX/ASA) and how to achieve redundancy in a multihomed BGP and PIX environment. With a
network diagram as an example, this document explains how to automatically route traffic to Internet service
provider B (ISP-B) when AS 64496 loses connectivity to ISP-A (or the reverse), through the use of dynamic
routing protocols that run between all routers in AS 64496.
Because BGP uses unicast TCP packets on port 179 to communicate with its peers, you can configure PIX1
and PIX2 to allow unicast traffic on TCP port 179. This way, BGP peering can be established between the
routers that are connected through the firewall. Redundancy and the desired routing policies can be achieved
through the manipulation of the BGP attributes.
Prerequisites
Requirements
Readers of this document should be familiar with Configuring BGP and Basic Firewall Configuration.
Components Used
The example scenarios in this document are based on these software versions:
• Cisco 2600 routers with Cisco IOS® Software Release 12.2(27)
• PIX 515 with Cisco PIX Firewall Version 6.3(3) and later
The information in this document was created from the devices in a specific lab environment. All of the
devices used in this document started with a cleared (default) configuration. If your network is live, make sure