Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
ddabhade
Staff
Staff

Created on ‎07-29-2022 09:18 AM Edited on ‎07-29-2022 09:19 AM By Anonymous

Technical Tip: BGP Extended community RT and SOO supported option on FortiGate

Description This article provides information regarding the supported option of BGP extended community RT and SOO on FortiGate.
Scope FortiGate, BGP.
Solution

The Extended Community RT and SOO in route-map can be set, but could not match it at remote peer BGP with route-map.


By design, FortiGate does not support to match extended community match in route-map.

 

BGP  Test Topology:

 

FG101F-6 (10.109.16.249) ---------BGP ------ (10.109.21.109) universe-esx21 (FortiGate VM )

 

ddabhade_0-1659104158426.png

 

- Route-map config on FG101F-6 : The Extended community RT and SOO can be set.

 

ddabhade_1-1659104242587.png

 

- BGP config and Remote end.

 

ddabhade_2-1659104381905.png

 

Getting Extended community SOO and RT from the neighbor  10.109.16.249.

 

ddabhade_3-1659104451472.png

 

But in route-map there is no option to match extended community only the option to set it.

 

ddabhade_4-1659105052586.png

 
Labels:
280
0 Kudos
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.​

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2023 Fortinet, Inc. All Rights Reserved.