[c-nsp] eigrp question

Jim McBurnett jim at tgasolutions.com
Wed Jan 5 23:31:54 EST 2005


WOW...
I will have time to lab test this tomorrow of Friday...
Well, maybe this could be done using lookbacks, and then sourceing the
traffic for E0

I'll put this in the lab and test it....
HMMMMM..

J

-----Original Message-----
From: Marty Adkins [mailto:adkins at netcraftsmen.net] 
Sent: Wednesday, January 05, 2005 5:20 PM
To: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] eigrp question

Jim McBurnett wrote:
> 
> IE. In the PIX firewall, if I was to do this I would do it like this:
> 
> 1. STATIC command to allow X IP to inside router IP 2. ACL to permit 
> eigrp from external router only to internal router via the static 
> command 3. configure the neighbor command on the external and internal

> routers to identify each other.

How would the two routers/neighbors end up on a common subnet, as
required by EIGRP?

One other thing that surprised me is this statement in an EIGRP FAQ:
http://www.cisco.com/en/US/tech/tk365/technologies_q_and_a_item09186a008
012dac4.shtml#ten

"Although the neighbor command is accepted by the Cisco IOS(r) parser,
it should not be used. The neighbor statement does not behave as
intended and can have a negative effect on EIGRP neighbors."

Rodney, care to explain further?

> 4. Add a loopback interface on both routers with an unused IP address 
> to test the routing protocol.
> 5. Use access-list / route-maps to restrict the routes sent to and 
> from each router.
> 6. once communications was up, then secure it with MD5 7. remove the 
> loopbacks.
> 
- Marty
_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/




More information about the cisco-nsp mailing list