Juniper does this very well. Also, the zone based firewall and virtual routers work well with this. It will allow different default routes for the trust and untrust segments for example.
On Fri, Oct 29, 2010 at 4:06 PM, Ge Moua <[email protected]> wrote: > we too have a need for Cisco firewalls to speak BGP, especially at some our > smaller mpls vrf borders; we get around this by running the Cisco firewall > in transparent mode (layer-2 mode) which allows for the bgp sessions to be > built without any layer 3 boundary on the firewall to prohibit bgp sessions. > > of course this doesn't address the need for bgp on the cisco firewall but > does provide a work-around for the lack of. > > i too am would like to see bgp on cisco firewalls > > -- > Regards, > Ge Moua > Network Design Engineer > > University of Minnesota | OIT - NTS > -- > > > > > [email protected] wrote: > >> At this moment we know that ASA5585-X does not support BGP. >>>> >>>> >>> I'm sure it doesn't. Routers are routers, firewalls are firewalls. >>> >>> >> >> There are several firewall platforms that support BGP - and this can >> actually be quite useful. Fortigate is one of them. >> >> Steinar Haug, Nethelp consulting, [email protected] >> _______________________________________________ >> cisco-nsp mailing list [email protected] >> https://puck.nether.net/mailman/listinfo/cisco-nsp >> archive at http://puck.nether.net/pipermail/cisco-nsp/ >> >> > _______________________________________________ > cisco-nsp mailing list [email protected] > https://puck.nether.net/mailman/listinfo/cisco-nsp > archive at http://puck.nether.net/pipermail/cisco-nsp/ > > > _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
