Re: BGP via PIX posted 01/08/2005
Our solution was designed by one of cisco's best BGP guys..Bruce Babcock.
His design allows us to do multi-site redundancy using Pix 535's and CSS's
at multiple locations. We advertise the same VIP's out both sites but
prepend on the non-preferred site. We use dark fiber connections internally
and externally between sites to allow the IGP to reroute in the event of
failures. It really works well.
As for the configuration on the Pix, we go straight through using TCP 179,
no tunnels. We did have to use ebgp multi-hop and next hop self commands.
----- Original Message -----
From: "Andre Scalco" <a_scalco@xxxxxxxxx>
Sent: Saturday, January 08, 2005 10:21 AM
Subject: BGP via PIX
> Hello Guys,
> I was doing some test passing BGP throught a PIX, I can make it work
correctly allowing only the TCP ports for BPG, However I was wondering that
Cisco recommends that when passing a routing protocol via PIX you should use
GRE Tunnels, some of the examples from Yusuf's book does the basic config
like I did.
> What do you guys think? Any input willl be very much appreciated.
> Best Regards,
> Andre Scalco
> "Think Outside the Bun"
> Do you Yahoo!?
> Yahoo! Mail - 250MB free storage. Do more. Manage less.
> Subscription information may be found at: