Dears, I am seriously confused here .... i made a very simple setup to test BGP between 2 routers , putting 1 ASA in the middle and was doing the lab, that finally i noticed something strang ??? my ROUTES are all OK , i can learn routes on the remote routers thru ASA, and i did the TCP-OPTIONS and also RANDOM SEQ. disable, and since nat-control was enabled, I also did the static IDENTITY NAT .... but PING is not working............................ !!! I am pasting the configs..
" EXPERTS....guide me ..plz " * R1 -- > ASA ---- R2 * R1 : === interface Loopback1 ip address 11.11.11.11 255.255.255.255 ! interface Loopback100 ip address 100.100.100.100 255.255.255.0 ! interface FastEthernet0/1 ip address 2.2.2.1 255.255.255.0 duplex auto speed auto ! router rip version 2 network 2.0.0.0 network 11.0.0.0 no auto-summary ! router bgp 2 no synchronization bgp log-neighbor-changes network 100.100.100.0 mask 255.255.255.0 neighbor 20.20.20.20 remote-as 1 neighbor 20.20.20.20 password x neighbor 20.20.20.20 ebgp-multihop 10 neighbor 20.20.20.20 update-source Loopback1 no auto-summary ASA : ====== interface Ethernet0/0 description Connected to R2 nameif outside security-level 0 ip address 1.1.1.2 255.255.255.0 ! interface Ethernet0/1 description Connected to R1 nameif inside security-level 100 ip address 2.2.2.2 255.255.255.0 access-list outside-in extended permit icmp any any access-list outside-in extended permit tcp any any eq bgp ! tcp-map OPTION19 tcp-options range 19 19 allow pager lines 24 logging console debugging logging buffered debugging mtu outside 1500 mtu inside 1500 no failover icmp unreachable rate-limit 1 burst-size 1 icmp permit any outside icmp permit any inside no asdm history enable arp timeout 14400 nat-control global (outside) 1 interface nat (inside) 1 0.0.0.0 0.0.0.0 static (inside,outside) 11.11.11.11 11.11.11.11 netmask 255.255.255.255 access-group outside-in in interface outside ! router ospf 1 network 1.1.1.0 255.255.255.0 area 0 log-adj-changes redistribute rip metric 1 subnets ! router rip network 2.0.0.0 redistribute ospf 1 metric 1 version 2 no auto-summary ! class-map BGP_CMAP match port tcp eq bgp class-map inspection_default match default-inspection-traffic ! ! policy-map global_policy class BGP_CMAP set connection random-sequence-number disable set connection advanced-options OPTION19 class inspection_default ! service-policy global_policy global prompt hostname priority context Cryptochecksum:65755c185976d9164a0b06eee25f2f42 R2 : ====== interface Loopback2 ip address 20.20.20.20 255.255.255.255 ! interface Loopback200 ip address 200.200.200.200 255.255.255.0 ! interface FastEthernet0/0 ip address 1.1.1.1 255.255.255.0 duplex auto speed auto ! router ospf 1 log-adjacency-changes network 1.1.1.0 0.0.0.255 area 0 network 20.20.20.20 0.0.0.0 area 1 ! router bgp 1 no synchronization bgp log-neighbor-changes network 200.200.200.0 neighbor 11.11.11.11 remote-as 2 neighbor 11.11.11.11 password x neighbor 11.11.11.11 ebgp-multihop 10 neighbor 11.11.11.11 update-source Loopback2 no auto-summary --------------------------------------------------------------------------------------------------------------------------------------- Guide me to understand this PING issue for BGP network !!!!
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
