Yes, you need to allow TCP port 179 outbound...  This way, only your
internal BGP speaker will be allowed to initiate the connection, and
external probes inbound on 179 will fail (No need to let those nasty
hackers know that you're running BGP through the firewall, right?).

Alan

----- Original Message -----
From: "Circusnuts" 
To: 
Sent: Monday, July 30, 2001 7:14 PM
Subject: BGP, TCP, & Firewalls [7:14286]


> I'm surveying a project I have been slated for @ work & I was wondering if
> the BGP gurus could help clear up a question.  If I were to run internal BGP &
> external BGP, am I forced to leave a TCP port open in the firewall ???
>
> I had not an answer when the customer asked me this  :-P
>
> Thanks
> Phil
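
The direction-based rule from the reply above, modeled as a small stateful filter. This is an added example, not part of the original thread; the addresses, the class and function names, and the restriction of the outbound rule to one configured peer are assumptions. It also shows the consequence that the external peer's own active open is dropped, so the session comes up only when the inside speaker initiates.

```python
from dataclasses import dataclass

BGP_PORT = 179
# Constructed addresses from documentation ranges; not from the thread.
INTERNAL_SPEAKER = "192.0.2.10"
EXTERNAL_PEER = "198.51.100.1"

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    direction: str  # "out" = inside to outside, "in" = outside to inside
    syn_only: bool  # True only for the first packet of a TCP handshake

class StatefulFirewall:
    def __init__(self, speaker, peer):
        self.speaker, self.peer = speaker, peer
        self.sessions = set()  # (inside ip, inside port, outside ip, outside port)

    def allow(self, p):
        if p.direction == "out":
            key = (p.src, p.sport, p.dst, p.dport)
            if key in self.sessions:
                return True
            # The only permit rule: the internal speaker opens TCP/179 to its peer.
            if (p.syn_only and p.src == self.speaker
                    and p.dst == self.peer and p.dport == BGP_PORT):
                self.sessions.add(key)
                return True
            return False
        # Inbound is accepted only as return traffic of an inside-initiated session.
        key = (p.dst, p.dport, p.src, p.sport)
        return (not p.syn_only) and key in self.sessions

def demo():
    fw = StatefulFirewall(INTERNAL_SPEAKER, EXTERNAL_PEER)
    pkt = Packet
    return {
        "probe_in_179": fw.allow(pkt("203.0.113.7", 40000, INTERNAL_SPEAKER, BGP_PORT, "in", True)),
        "peer_active_open": fw.allow(pkt(EXTERNAL_PEER, 50000, INTERNAL_SPEAKER, BGP_PORT, "in", True)),
        "other_inside_host": fw.allow(pkt("192.0.2.99", 30001, EXTERNAL_PEER, BGP_PORT, "out", True)),
        "speaker_open": fw.allow(pkt(INTERNAL_SPEAKER, 30000, EXTERNAL_PEER, BGP_PORT, "out", True)),
        "peer_syn_ack": fw.allow(pkt(EXTERNAL_PEER, BGP_PORT, INTERNAL_SPEAKER, 30000, "in", False)),
    }

if __name__ == "__main__":
    for name, allowed in demo().items():
        print(f"{name:18} {'permit' if allowed else 'drop'}")
```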




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=14292&t=14286