EIGRP through the fortigate in transparent mode - corrected

Author
AlexFeren
Gold Member
  • Total Posts : 134
  • Scores: 6
  • Reward points: 0
  • Joined: 2011/10/05 17:04:08
  • Status: offline
2019/10/09 00:18:13 (permalink)
0

EIGRP through the fortigate in transparent mode - corrected

Since original "Eigrp throug the fortigate in transparent mode" thread is locked, I wanted to correct it for posterity.
 
In it, the statement "EIGRP is multicast protocol IP 88" is partially incorrect - indeed EIGRP is BOTH Multicast and Unicast. (For explanation, see "EIGRP startup process - Unicast and multicast Updates containing topology information".)
 
So, enabling multicast-skip-policy is insufficient - a (Unicast) firewall policy to cover protocol 88 is needed.
post edited by AlexFeren - 2019/10/09 00:19:25
#1

1 Reply Related Threads

    emnoc
    Expert Member
    • Total Posts : 5301
    • Scores: 347
    • Reward points: 0
    • Joined: 2008/03/20 13:30:33
    • Location: AUSTIN TX AREA
    • Status: online
    Re: EIGRP through the fortigate in transparent mode - corrected 2019/10/09 00:55:08 (permalink)
    0
    Your 100% correct that it's not  100% mcast. In fact, OSPF is ALSO  the same and many mistakes that it uses mcast only. Typically neighbor discovery is mcast and updates are unicast for both protocols.
     
    Ken Felix

    PCNSE,  NSE , Forcepoint ,  StrongSwan Specialist
    #2
    Jump to:
    © 2019 APG vNext Commercial Version 5.5