Cisco ASA: BGP routing

Design & Configure

Configuration General (17)

Design Corner (7)

DevOps (6)

Enterprise Routing (26)

Enterprise Switching (26)

Enterprise WAN (15)

LAN Security (2)

Network Security (34)

Network Services (3)

SD-WAN (6)

Cisco ASA: BGP routing

Technology: FIREWALLS

Area: Traffic restrictions

Vendor: CISCO

Software: CISCO ADAPTIVE SECURITY APPLIANCE (ASA), ASA-OS, 8.3+

Platform: CISCO ASA 5500, 5500-X

BGP runs between routers in different autonomous systems (or the same and then it is called iBGP). BGP routing is supported in Active/Standby and Active/Active HA configurations. Only the Active unit listens on the TCP port for BGP connections from peers.

To configure BGP configuration use the command below:

BGP routing on Cisco ASA

BGP routing configuration example (external BGP – eBGP):

----- ASA1 ------ router bgp 100 address-family ipv4 unicast neighbor 203.0.113.2 remote-as 200 network 192.168.10.0 mask 255.255.255.0 network 172.16.20.0 mask 255.255.255.0 network 10.106.44.0 mask 255.255.255.0

----- ASA2 ------ router bgp 200 address-family ipv4 unicast neighbor 203.0.113.1 remote-as 100 network 10.10.10.0 mask 255.255.255.0 network 10.180.10.0 mask 255.255.255.0 network 172.16.30.0 mask 255.255.255.0

Read about the BGP Communities

Author: Marcin Bialy