Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Administration Guide

    Home FortiGate / FortiOS 7.6.0 Administration Guide
    7.6.0
    7.6.0
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.10
    7.2.9
    7.2.8
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.16
    7.0.15
    7.0.14
    7.0.13
    7.0.12
    7.0.11
    7.0.10
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.15
    6.4.14
    6.4.13
    6.4.12
    6.4.11
    6.4.10
    6.4.9
    6.4.8
    6.4.7
    6.4.6
    6.4.5
    6.4.4
    6.4.3
    6.4.2
    6.4.1
    6.4.0

    BGP

    BGP

    Border Gateway Protocol (BGP) is a standardized routing protocol that is used to route traffic across the internet. It exchanges routing information between Autonomous Systems (AS) on the internet and makes routing decisions based on path, network policies, and rule sets. BGP contains two distinct subsets: internal BGP (iBGP) and external BGP (eBGP). iBGP is intended for use within your own networks. eBGP is used to connect different networks together and is the main routing protocol for the internet backbone.

    To configure BGP in the GUI, go to Network > BGP:

    Option

    Description

    Local AS

    The AS number for the local router.

    Router ID

    A unique ID to identify your router in the network, typically in the format x.x.x.x.

    Neighbors

    The neighbors that the FortiGate will be peering with. Configure the remote router's AS number, any other properties used for peering with the neighbor, and IPv4 and IPv6 filtering.

    Neighbor Groups

    The neighbor groups that share the same outbound policy configurations.

    Neighbor Ranges

    The source address range of BGP neighbors that will be automatically assigned to a neighbor group.

    Networks

    The IPv4 networks to be advertised to other BGP routers. Choose from:

    IPv6 Networks

    The IPv6 networks to be advertised to other BGP routers.

    IPv4 & IPv6 Redistribute

    Enable redistribution by protocol. Specify either All routes, or Filter by route map.

    Dampening

    Enable route flap dampening to reduce the propagation of flapping routes.

    Graceful Restart

    Enable BGP graceful restart, which causes the adjacent routers to keep routes active while the BGP peering is restarted on the FortiGate. This is useful in HA instances when failover occurs.

    Advanced Options

    Various advanced settings, such as Local Preference, Distance internal, Keepalive, Holdtime, and others

    Best Path Selection

    Configure path selection attributes on this router.

    This section includes the following topics:

    Previous
    Next

    More Links

    ADVPN and shortcut paths
    ADVPN with BGP as the routing protocol
    Applying BGP route-map to multiple BGP neighbors
    Assigning multiple remote Autonomous Systems to a single BGP neighbor group
    Basic BGP example
    BGP conditional advertisement
    BGP error handling per RFC 7606
    BGP multi-exit discriminator
    BGP multiple path support
    BGP neighbor password
    BGP next hop tag-match mode
    Configuring RADIUS SSO authentication
    Controlling traffic with BGP route mapping and service rules
    Defining a preferred source IP for local-out egress interfaces on BGP routes
    IBGP and EBGP support in VRF
    IKEv2 IPsec site-to-site VPN to an AWS VPN gateway
    Next hop recursive resolution using ECMP routes
    Next hop recursive resolution using IPv6 prefix with on-link flag from route aggregation New
    Next hop recursive resolution using other BGP routes
    Route filtering with a distribution list
    Route leaking between VRFs with BGP
    SD-WAN related diagnose commands
    TCP Authentication Option advanced security measures
    Troubleshooting BGP
    Using BGP tags with SD-WAN rules
    Using multiple members per SD-WAN neighbor configuration

    BGP

    BGP

    Border Gateway Protocol (BGP) is a standardized routing protocol that is used to route traffic across the internet. It exchanges routing information between Autonomous Systems (AS) on the internet and makes routing decisions based on path, network policies, and rule sets. BGP contains two distinct subsets: internal BGP (iBGP) and external BGP (eBGP). iBGP is intended for use within your own networks. eBGP is used to connect different networks together and is the main routing protocol for the internet backbone.

    To configure BGP in the GUI, go to Network > BGP:

    Option

    Description

    Local AS

    The AS number for the local router.

    Router ID

    A unique ID to identify your router in the network, typically in the format x.x.x.x.

    Neighbors

    The neighbors that the FortiGate will be peering with. Configure the remote router's AS number, any other properties used for peering with the neighbor, and IPv4 and IPv6 filtering.

    Neighbor Groups

    The neighbor groups that share the same outbound policy configurations.

    Neighbor Ranges

    The source address range of BGP neighbors that will be automatically assigned to a neighbor group.

    Networks

    The IPv4 networks to be advertised to other BGP routers. Choose from:

    IPv6 Networks

    The IPv6 networks to be advertised to other BGP routers.

    IPv4 & IPv6 Redistribute

    Enable redistribution by protocol. Specify either All routes, or Filter by route map.

    Dampening

    Enable route flap dampening to reduce the propagation of flapping routes.

    Graceful Restart

    Enable BGP graceful restart, which causes the adjacent routers to keep routes active while the BGP peering is restarted on the FortiGate. This is useful in HA instances when failover occurs.

    Advanced Options

    Various advanced settings, such as Local Preference, Distance internal, Keepalive, Holdtime, and others

    Best Path Selection

    Configure path selection attributes on this router.

    This section includes the following topics:

    Previous
    Next