Skip to main content
canoas
canoas
Visitor III
June 9, 2025
Solved

Fortigate - BGP peer groups

  • June 9, 2025
  • 3 replies
  • 1806 views

Hi all,

 

Do Fortigate Firewalls support "BGP peer groups" by sharing the same outbound policies and setting instead of configuring each BGP neighbor individually and updates replicated to all peer group members.

 

I can't seem to find any docs or commands that support BGP peer group config on a Fortigate like a Cisco or Arista Switch.

 

 

Best answer by funkylicious

hi,

maybe neighbor-group command is what you are looking here 

3 replies

funkylicious
SuperUser
funkyliciousAnswer
SuperUser
June 9, 2025

hi,

maybe neighbor-group command is what you are looking here 

"jack of all trades, master of none"
Toshi_Esumi
SuperUser
Toshi_Esumi
SuperUser
June 9, 2025

or, look at this recent conversation for examples.
https://community.fortinet.com/t5/Support-Forum/BGP-neighbor-group-implementation/m-p/393281#M269803

Toshi

    canoas
    canoasAuthor
    Visitor III
    June 9, 2025

    There only seems to be a range option; i.e., you cannot stipulate the neighbor-group association under a peer config. With Cisco and Arista, however, you can do this. I would need to test to see if the range covers multiple /32 networks and how many entries can be added. In my setup, I don't want to add subnet ranges. This may be a FortiGate limitation. 

    Toshi_Esumi
    SuperUser
    Toshi_Esumi
    SuperUser
    June 9, 2025

    As mentioned in the thread, this part of BGP configuration feature is not in the standards. Each implementation by vendors can be different based on their own interpretation how this should work. As @Yurisk mentioned, you eventually need to test yourself to confirm the behaviors of FGT. No surprise if it's different from other vendors or your expectation.

    Toshi    

    Terms & ConditionsAccessibility statement