[c-nsp] BGP support on the new ASA5585-X

Keegan Holley keegan.holley at sungard.com
Fri Oct 29 17:45:33 EDT 2010


Juniper does this very well. Also, the zone based firewall and virtual
routers work well with this.  It will allow different default routes for the
trust and untrust segments for example.


On Fri, Oct 29, 2010 at 4:06 PM, Ge Moua <moua0100 at umn.edu> wrote:

> we too have a need for Cisco firewalls to speak BGP, especially at some our
> smaller mpls vrf borders; we get around this by running the Cisco firewall
> in transparent mode (layer-2 mode) which allows for the bgp sessions to be
> built without any layer 3 boundary on the firewall to prohibit bgp sessions.
>
> of course this doesn't address the need for bgp on the cisco firewall but
> does provide a work-around for the lack of.
>
> i too am would like to see bgp on cisco firewalls
>
> --
> Regards,
> Ge Moua
> Network Design Engineer
>
> University of Minnesota | OIT - NTS
> --
>
>
>
>
> sthaug at nethelp.no wrote:
>
>> At this moment we know that ASA5585-X does not support BGP.
>>>>
>>>>
>>> I'm sure it doesn't.  Routers are routers, firewalls are firewalls.
>>>
>>>
>>
>> There are several firewall platforms that support BGP - and this can
>> actually be quite useful. Fortigate is one of them.
>>
>> Steinar Haug, Nethelp consulting, sthaug at nethelp.no
>> _______________________________________________
>> cisco-nsp mailing list  cisco-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>>
>>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
>
>


More information about the cisco-nsp mailing list