Technology: FIREWALLS

Area: Traffic restrictions

Vendor: CISCO

Software: CISCO ADAPTIVE SECURITY APPLIANCE (ASA) , ASA-OS, 8.3+

Platform: CISCO ASA 5500, 5500-X

BGP runs between routers in different autonomous systems (or the same and then it is called iBGP). BGP is supported in Active/Standby and Active/Active HA configurations. Only the Active unit listens on TCP port for BGP connections from peers.

To configure BGP configuration use command below:

BGP configuration example (external BGP – eBGP):


----- ASA1 ------
router bgp 100
address-family ipv4 unicast
neighbor 203.0.113.2 remote-as 200
network 192.168.10.0 mask 255.255.255.0
network 172.16.20.0 mask 255.255.255.0
network 10.106.44.0 mask 255.255.255.0


----- ASA2 ------
router bgp 200
address-family ipv4 unicast
neighbor 203.0.113.1 remote-as 100
network 10.10.10.0 mask 255.255.255.0
network 10.180.10.0 mask 255.255.255.0
network 172.16.30.0 mask 255.255.255.0

Read about the BGP Communities