Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Azure vWAN SD-WAN NGFW Deployment Guide

    Home FortiGate Public Cloud 7.2.0 Azure vWAN SD-WAN NGFW Deployment Guide
    7.2.0
    7.6.0
    7.4.0
    7.2.0

    Edits to BGP templates for Hub1 and Hub2

    Edits to BGP templates for Hub1 and Hub2

    Following is an overview of how to supplement BGP templates for Hub1 and Hub2:

    1. For Hub 1, edit the BGP template to create a new neighbor and edit the existing neighbor. See Editing the BGP template for Hub1.
    2. For Hub 2, edit the BGP template to create a new neighbor and edit the existing neighbor. See Edits to BGP templates for Hub1 and Hub2.
    3. Install the BGP template changes to Hub1 and Hub2. See Installing configuration changes to Hub1 and Hub2.

    Editing the BGP template for Hub1

    Edit the BGP template to create a new neighbor and edit the existing neighbor for Hub1.

    To edit the BGP template for Hub1:

    1. Go to Device Manager > Provisioning Templates > BGP.

    2. Double-click the BGP template named Hub1 to open it for editing.

    3. Click Create New to add a neighbor:

      1. Set the following options

        IP

        169.254.40.2

        Remote AS

        Same as your local AS
        Interface

        VXLAN-to-Hub2

        Note: This is case sensitive and based on the interface name in the CLI script above.

        IPv4 Filtering
        • Enable Route Reflector Client.
        • Enable Next hop self.

      2. Expand Advanced Options, and enable next-hop-self-rr.

      3. Click OK to save the new neighbor.

    4. Double-click the existing neighbor to open it for editing:

      1. Under IPv4 Filtering, verify that Route Reflect Client and Next hop self are selected.

      2. Under advanced, enable next-hop-self-rr.

      3. Add a weight of 1000 (all the way at the bottom of the advanced section)

      4. Click OK to save changes to the existing neighbor.

    5. Click OK again to save the Hub1 template.

    Editing the neighbor group for Hub2

    For the BGP template for Hub2, perform the same steps as above, except create the new neighbor with IP 169.254.40.1 and interface name VXLAN-to-Hub1.

    Installing configuration changes to Hub1 and Hub2

    To install configuration changes to Hub1 and Hub2:
    1. Go to Device Manager > Devices & Groups.
    2. Click Install Wizard.
    3. Select your Hub Group.
    4. Click Next.
    5. Click Install.
    Previous
    Next

    Edits to BGP templates for Hub1 and Hub2

    Edits to BGP templates for Hub1 and Hub2

    Following is an overview of how to supplement BGP templates for Hub1 and Hub2:

    1. For Hub 1, edit the BGP template to create a new neighbor and edit the existing neighbor. See Editing the BGP template for Hub1.
    2. For Hub 2, edit the BGP template to create a new neighbor and edit the existing neighbor. See Edits to BGP templates for Hub1 and Hub2.
    3. Install the BGP template changes to Hub1 and Hub2. See Installing configuration changes to Hub1 and Hub2.

    Editing the BGP template for Hub1

    Edit the BGP template to create a new neighbor and edit the existing neighbor for Hub1.

    To edit the BGP template for Hub1:

    1. Go to Device Manager > Provisioning Templates > BGP.

    2. Double-click the BGP template named Hub1 to open it for editing.

    3. Click Create New to add a neighbor:

      1. Set the following options

        IP

        169.254.40.2

        Remote AS

        Same as your local AS
        Interface

        VXLAN-to-Hub2

        Note: This is case sensitive and based on the interface name in the CLI script above.

        IPv4 Filtering
        • Enable Route Reflector Client.
        • Enable Next hop self.

      2. Expand Advanced Options, and enable next-hop-self-rr.

      3. Click OK to save the new neighbor.

    4. Double-click the existing neighbor to open it for editing:

      1. Under IPv4 Filtering, verify that Route Reflect Client and Next hop self are selected.

      2. Under advanced, enable next-hop-self-rr.

      3. Add a weight of 1000 (all the way at the bottom of the advanced section)

      4. Click OK to save changes to the existing neighbor.

    5. Click OK again to save the Hub1 template.

    Editing the neighbor group for Hub2

    For the BGP template for Hub2, perform the same steps as above, except create the new neighbor with IP 169.254.40.1 and interface name VXLAN-to-Hub1.

    Installing configuration changes to Hub1 and Hub2

    To install configuration changes to Hub1 and Hub2:
    1. Go to Device Manager > Devices & Groups.
    2. Click Install Wizard.
    3. Select your Hub Group.
    4. Click Next.
    5. Click Install.
    Previous
    Next