Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Copper

allowing dynamic routing protocol updates through checkpoint firewall

So i came across this sk that explains how to allow ospf,rip,igrp,bgp updates but i do not see an explanation for eigrp? would i create a host object for 224.0.0.10 for eigrp (since thats the ip it uses for multicast updates) and for the rest do the same as say ospf for which is explained in the sk? and one more question regarding ospf, what is the 224.0.0.1 ip? i do know that ospf uses 224.0.0.5 , 224.0.0.6 for updates but what is 224.0.0.1? Also i do not see an "eigrp" under services, i see ospf, bgp,etc but no eigrp, im assuming i need to select igrp?

Running R80.20 by the way.

Sk being talked about-

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

0 Kudos
6 Replies
Highlighted

Hello,


EIGRP is a Cisco proprietary protocol so you won't see anything about it.

As for , 224.0.0.1 : The All Hosts multicast group addresses all hosts on the same network segment.

 

BR,
Paul

0 Kudos
Highlighted
Copper

so there is no way for 2 cisco routers on either side of a checkpoint to share their eigrp updates through the firewall?

0 Kudos
Highlighted

You could create a separate service object for ip protocol 88 and see what happens or can leave Any ...
0 Kudos
Highlighted
Copper

ok thanks nothning too important as i was just trying out some routing protocols in my gns3 lab, decided to use ospf instead which is better i guess.
0 Kudos
Highlighted
Admin
Admin

EIGRP is a multicast protocol.
In addition to allowing the traffic in the Access Policy, you would need to set up something like PIM to forward the traffic as this traffic is not forwarded by default.
It might be easier to use a routing protocol that can operate unicast.
0 Kudos
Highlighted
Admin
Admin

Multicast traffic can be passed through, there are per-interface settings about that.

0 Kudos