Fortinet Document Library

Version:

Version:


Table of Contents

GCP Administration Guide

Download PDF
Copy Link

Configuring BGP neighbors

To configure BGP neighbors:
  1. Configure the remote site 1 FortiGate:
    1. Log in to the remote site 1 FortiGate.
    2. Set a unique AS number and route ID:

      config router bgp

      set as 7224

      set router-id 169.254.110.2

      end

    3. Configure the BGP neighbor. Use the IP address set on the tunnel interface in Configuring the tunnel interfaces as the neighbor IP address. Set the AS obtained from the NCC spoke 1 FortiGate as the remote AS number. Enable ebgp-enforce-multihop and soft-reconfiguration:

      config router bgp

      config neighbor

      edit "169.254.110.1"

      set ebgp-enforce-multihop enable

      set soft-reconfiguration enable

      set remote-as 7252

      next

      next

      end

    4. Configure the network. The network prefix here is the FortiGate port 2 subnet in the remote office:

      config network

      edit 1

      set prefix 172.31.0.0 255.255.240.0

      next

      end

  2. Configure the NCC spoke 1 FortiGate:
    1. Log in to the NCC spoke 1 FortiGate.
    2. Two BGP neighbors are already preconfigured from the initial script. o 192.168.205.101 and 192.168.205.102 are BGP neighbor associations for the cloud router located in the same region. Add a third BGP neighbor entry to peer the spoke 1 FortiGate to the remote site 1 FortiGate. Enable ebgp-enforce-multihop and soft-reconfiguration:

      config router bgp

      config neighbor

      edit "169.254.110.2"

      set ebgp-enforce-multihop enable

      set soft-reconfiguration enable

      set remote-as 7224

      next

      next

      end

Configuring BGP neighbors

To configure BGP neighbors:
  1. Configure the remote site 1 FortiGate:
    1. Log in to the remote site 1 FortiGate.
    2. Set a unique AS number and route ID:

      config router bgp

      set as 7224

      set router-id 169.254.110.2

      end

    3. Configure the BGP neighbor. Use the IP address set on the tunnel interface in Configuring the tunnel interfaces as the neighbor IP address. Set the AS obtained from the NCC spoke 1 FortiGate as the remote AS number. Enable ebgp-enforce-multihop and soft-reconfiguration:

      config router bgp

      config neighbor

      edit "169.254.110.1"

      set ebgp-enforce-multihop enable

      set soft-reconfiguration enable

      set remote-as 7252

      next

      next

      end

    4. Configure the network. The network prefix here is the FortiGate port 2 subnet in the remote office:

      config network

      edit 1

      set prefix 172.31.0.0 255.255.240.0

      next

      end

  2. Configure the NCC spoke 1 FortiGate:
    1. Log in to the NCC spoke 1 FortiGate.
    2. Two BGP neighbors are already preconfigured from the initial script. o 192.168.205.101 and 192.168.205.102 are BGP neighbor associations for the cloud router located in the same region. Add a third BGP neighbor entry to peer the spoke 1 FortiGate to the remote site 1 FortiGate. Enable ebgp-enforce-multihop and soft-reconfiguration:

      config router bgp

      config neighbor

      edit "169.254.110.2"

      set ebgp-enforce-multihop enable

      set soft-reconfiguration enable

      set remote-as 7224

      next

      next

      end