The BGP multiple exit discriminator (MED, or MULTI_EXIT_DISC) is a non-transitive attribute, meaning that it is not propagated throughout the Internet, but only to adjacent autonomous systems.

Diagram:

AWS-----Perimieter Firewall-----DMZ firewall

1. Use the Prefix List to match the network.
2. Create a route map.

Configuring the MED Using the CLI:

config router route-map
    edit "NewMetric"
    config rule
        edit 1
            set match-ip-address "<Prefix_List_Name>"
            set set-metric 20
        next
    end
next
end

3. Use the route map in the outbound direction towards the DMZ peer.

config router bgp
    config neighbor
        edit "1.1.1.1"
            set route-map-out "NewMetric"
        end
    end
end

Configuring the MED Using the GUI: Go to Network -> Routing Objects -> Create New -> Route Map and define the required parameters to configure the MED.

Apply the Route Map to a BGP Neighbor: go to BGP -> Neighbors, and select the desired neighbor. Under Route Map Out, select the previously created route map from the dropdown list and Save the configuration