AWS Administration Guide

Verifying the configuration

To verify the configuration:
  1. In the FortiOS CLI, enter the following commands to verify the routes received and advertised via BGP between the FortiGate and the TGW (for details, see Technical Tip: How to check BGP advertised and received routes on a FortiGate):

    get router info bgp neighbors <neighbor_IP> received-routes

    get router info bgp neighbors <neighbor_IP> advertised-routes

    In a successful scenario, Customer VPC routes should be visible to the FortiGate via the TGW. You should be able to verify this on both FortiGate instances.

  2. Verify the TGW BGP status. On the AWS management console, go to VPC Dashboard > Transit Gateways > Transit Gateway Attachments. Select the TGW Connect attachment, then go to the Connect peers tab. Confirm that the TGW BGP 1 and 2 Status display as UP.
  3. Verify the TGW BGP status for both connect peers in the TGW route table. On the AWS management console, go to VPC Dashboard > Transit Gateways > Transit Gateway Route Tables. Select the default TGW route table, and go to the Routes tab. You should see several propagated routes with the Connect resource type.
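
The checks in steps 2 and 3 can also be run against saved AWS CLI output, which makes it easier to catch a Connect peer that has silently lost one of its two BGP sessions. The following is an added example, not part of the Fortinet guide: it assumes dicts shaped like the JSON returned by `aws ec2 describe-transit-gateway-connect-peers` and `aws ec2 search-transit-gateway-routes`; the sample data, IDs and addresses are constructed placeholders, and the function names are hypothetical.

```python
# Constructed sample shaped like the JSON from
# `aws ec2 describe-transit-gateway-connect-peers`; IDs and addresses are placeholders.
SAMPLE_PEERS = {"TransitGatewayConnectPeers": [
    {"TransitGatewayConnectPeerId": "tgw-connect-peer-EXAMPLE1",
     "ConnectPeerConfiguration": {"BgpConfigurations": [
         {"TransitGatewayAddress": "169.254.120.2", "BgpStatus": "up"},
         {"TransitGatewayAddress": "169.254.120.3", "BgpStatus": "up"}]}},
    {"TransitGatewayConnectPeerId": "tgw-connect-peer-EXAMPLE2",
     "ConnectPeerConfiguration": {"BgpConfigurations": [
         {"TransitGatewayAddress": "169.254.121.2", "BgpStatus": "up"},
         {"TransitGatewayAddress": "169.254.121.3", "BgpStatus": "down"}]}},
]}

# Constructed sample shaped like the JSON from `aws ec2 search-transit-gateway-routes`.
SAMPLE_ROUTES = {"Routes": [
    {"DestinationCidrBlock": "0.0.0.0/0", "Type": "propagated", "State": "active",
     "TransitGatewayAttachments": [{"ResourceType": "connect"}]},
    {"DestinationCidrBlock": "10.1.0.0/16", "Type": "propagated", "State": "active",
     "TransitGatewayAttachments": [{"ResourceType": "vpc"}]},
    {"DestinationCidrBlock": "10.9.0.0/16", "Type": "static", "State": "blackhole"},
]}


def down_bgp_sessions(peers_doc):
    """Return (peer_id, tgw_address, status) for every BGP session that is not up."""
    problems = []
    for peer in peers_doc.get("TransitGatewayConnectPeers", []):
        peer_id = peer["TransitGatewayConnectPeerId"]
        sessions = peer.get("ConnectPeerConfiguration", {}).get("BgpConfigurations", [])
        if not sessions:  # a peer that lists no BGP sessions is itself a failure
            problems.append((peer_id, None, "missing"))
        for s in sessions:
            if (s.get("BgpStatus") or "").lower() != "up":
                problems.append((peer_id, s.get("TransitGatewayAddress"), s.get("BgpStatus")))
    return problems


def connect_propagated_routes(routes_doc):
    """Return CIDRs of active propagated routes learned over a Connect attachment."""
    return [r["DestinationCidrBlock"] for r in routes_doc.get("Routes", [])
            if r.get("Type") == "propagated" and r.get("State") == "active"
            and any(a.get("ResourceType") == "connect"
                    for a in r.get("TransitGatewayAttachments", []))]


if __name__ == "__main__":
    print("BGP sessions not up:", down_bgp_sessions(SAMPLE_PEERS))
    print("Connect-propagated routes:", connect_propagated_routes(SAMPLE_ROUTES))
```

An empty result from `down_bgp_sessions` together with a non-empty result from `connect_propagated_routes` corresponds to the successful state described in steps 2 and 3.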
