03-05-2019 09:11 PM
Hi Everyone,
Does anyone able to migrate the EIGRP config in Expedition during migraition from other vendors like Cisco ASA , Checkpoint firewalls?
I have a cisco ASA 5525 configured with EIGRP and when I imported the policy file into expedition for migration it does only showing the static routes and some unrelated information(XML code) about BGP?( I can manually configure the EIGRP on palo alto after config migration but I wonder about the migration tool and making sure I am not missing anything here!)
Does this mean it only migrates the BGP config not any other dynamic routing protocols?
Please let me know what have you done to have this migrated or if know how to do it. any inputs are much appriciated.
Best regards,
Nagarjuna
03-06-2019 02:15 AM
Unfortunately EIGRP is a Cisco propriotry routing protocol and not available on PANOS. Only static, OSPF and BGP are available on the PAN appliances.
With that said, Expedition does transfer all your routing information, just not EIGRP.
Hope that helps,
Bob
03-06-2019 02:15 AM
Unfortunately EIGRP is a Cisco propriotry routing protocol and not available on PANOS. Only static, OSPF and BGP are available on the PAN appliances.
With that said, Expedition does transfer all your routing information, just not EIGRP.
Hope that helps,
Bob
03-06-2019 09:42 AM
Didn't realize that PAN do not support EIGRP. Thanks for the response. I belive RIP config is also supported along with the list you mentioned.
Best regards,
Nagarjuna
06-20-2019 07:49 AM
Actually, Cisco has made EIGRP an open standard per RFC7868 since 2016.
We'd love to see Palo Alto firewalls implement EIGRP as a supported routing protocol where it will be much easier to intergrate with an already established Cisco network topology.
Currently, we still have Cisco ASA/FirePowers for this sepecific reason (EIGRP)... Just drop it in and it works, without redoing dynamic routing configuration and involve various other teams.
02-12-2020 11:00 AM
Which protocol will be best to choose instead of eigrp for the hub and 100 branches?
BGP, OSPF oraz BFD witch monitoring?
02-13-2020 06:59 AM
I guess this topic would be better resolved in the PANOS threads, as the content in this site is more related to Expedition and the audience may not be able to provide you the same level of assistance as you would get in a more specifically related one.
05-05-2020 06:25 AM
Either OSPF and BGP would work. It depends on which you are most comfortable with and your level of experience with it. I personally would go with OSPF.
HTH,
Bob
05-05-2020 07:07 AM
Hello,
The problem with OSPF will be the amount of SPF recalculations that could happen with 100 end points should they flap. You would need to adjust the recalculations and it might not be worth it. When you say BGP with BFD I assume you are saying IBGP, and that depends on your redundancy setup at your spoke sites but it could be a good HA setup for fast recovery.
Generally a good setup is a mix of eBGP and iBGP with BFD. As Didac has mentioned this forum is more related to expedition. For more information or network design I would recommend Orhan Ergun’s book on the CCDE, it has lots of great information.
Good luck with your deployment!
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
