I have a hub with a single WAN link, in the HUB sit my FAZ and FMG.
I have spokes with 2x WAN links, these are various client sites.
I have configured 2x Dialup IPsec tunnels over the 2 spoke links to the 1 Hub link successfully. The challenge so far is getting BGP to work. BGP over the first tunnel is working and I have a route at my spoke for the hub network. BGP over the second tunnel doesn't seem to be advertising the prefix.
Does anyone have any tips or links to some cookbooks that can help me out?
Perhaps I should be a little more descriptive. What I would do in your case would be decide which hub you want to be primary. Then create a route map (in Cisco) that applies a higher local preference to routes recieved from that hub. Then those routes will be preferred to routes recieved from the secondary hub.
Hi @ellab.,
Please refer to https://docs.fortinet.com/document/fortigate/7.4.1/administration-guide/820072/advpn-with-bgp-as-the...
Regards,
If you can post "show router bgp" on both sides and "get router info bgp neighbor <neighbor_IP:second leg> advertised-route" at the spoke, someone would be able to comment on.
Toshi
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.