s_latifi
New Member
December 13, 2016
Question

Can't Set Public IP on Dual Wan with BGP Service


Hello everybody...

I have a Fortigate 200D as edge router/firewall. I have 3 WAN links: one DSL for users' Internet and 2 links with BGP for accessing local servers from outside. Also, the company has purchased one /24 IP range from RIPE with a public AS number, and the company web site is set to these IPs in public DNS.

Now I have this problem. I made a zone, joined the two WAN links to it and configured both BGPs, and everything goes fine. But I have to set my /24 public IPs as "secondary IP address" on whichever WAN has the main default route (for example, when default 0.0.0.0 is on WAN1, I need to set my public IPs as "secondary IP address" on WAN1, and when I need to change my link to WAN2, I have to manually remove the IPs from WAN1 and add them to WAN2...)

What should I do about this problem? Is there any way not to change the IPs each time?

Thanks, everyone

    1 reply

    hif
    Visitor III
    December 19, 2016

    I'm no expert on BGP, but here's what I've done in my lab using 5.2 and 5.4.

    You can either use a loopback interface and put your /24 on this.

    You'll need a policy for incoming traffic, iirc.

    or

    you can create a blackhole route with your public /24.

    Both options work for me in my lab.

    Got to announce my prefix to my neighbors and NAT/portforward/zones/pools/vpn works.
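
The two options from the reply above, sketched as FortiOS CLI configuration. This is an added example, not configuration posted by either participant; the prefix 203.0.113.0/24, AS 64500 and the interface name "lo-public" are constructed placeholders for the poster's real /24, AS number and naming.

```fortios
# Constructed values: 203.0.113.0/24 stands in for the public /24,
# AS 64500 for the public AS number; "lo-public" is a hypothetical name.

# Option A: hold the /24 on a loopback interface instead of a WAN
# secondary address. The reply notes that a firewall policy for
# incoming traffic is needed with this option.
config system interface
    edit "lo-public"
        set vdom "root"
        set type loopback
        set ip 203.0.113.1 255.255.255.0
    next
end

# Option B (use instead of A): a blackhole static route for the /24.
config router static
    edit 0
        set dst 203.0.113.0 255.255.255.0
        set blackhole enable
    next
end

# With either option the prefix is in the routing table independently
# of WAN1/WAN2, so it can be announced to both BGP neighbors.
config router bgp
    set as 64500
    config network
        edit 1
            set prefix 203.0.113.0 255.255.255.0
        next
    end
end
```

With either option the /24 is no longer bound to a WAN interface, so nothing has to be re-addressed when the default route moves between WAN1 and WAN2.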