FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
This article describes how to set up EVPN (Ethernet VPN) between two FortiGates.
Scope
FortiGate v7.4.X and above.
Solution
If there are more than two VTEPs, enable 'route-reflector-client-evpn' in BGP on one of the VTEPs. For example, in this topology, if there was another VTEP, FG-VTEP3, enable route-reflector-client-evpn in FG-VTEP1 BGP configuration.
config router bgp set as 6500 set router-id 10.0.0.1 config neighbor edit "10.0.0.2" set capability-graceful-restart enable set soft-reconfiguration enable set remote-as 6500 set route-reflector-client-evpn enable next end
FG-VTEP3 configuration is similar to FG-VTEP2. FG-VTEP1 will reflect the MAC-IP Advertisement and IMET routes to FG-VTEP2 and FG-VTEP3.
