Not applicable

BGP - Can I have multiple peer (router IDs) on FG620

I have internet connections with Time Warner Telecom and Level 3, they each want my peer address to the interface directly connected to their network. Is it possible to have a router ID for TWT (174.X.X.178) and router id for Level3 (4.X.X.26) and advertise 174.X.X.0/24 to each? I have my own AS and I have their AS information. In the GUI you can only add one router ID, is there a way to add multiple in the CLI?
laf
New Contributor II

Hi, I doubt you can have more than one router ID - this is basic BGP definition. One router-ID for the AS number you're using with your BGP peers.

The most expensive and scarce resource for man is time, paradoxically, it's infinite.
emnoc
Esteemed Contributor III

You're stating your question wrong, but you should be able to configure more than 1 BGP neighbor peer on the FortiGate. Set or create the proper BGP configuration for the provider. But I do think you're going to run into problems with session states and from the different WAN interfaces. I think Fortinet might have a workaround for this. What I just did in the past was to set peripheral edge devices (Cisco 3800) on the edge for both of my carriers and then ran iBGP to the Fortinets and Cisco routers. Made life much easier and works flawlessly. Each FGT carries a specific /24 network behind it.

PCNSE NSE StrongSwan
Not applicable

Thanks for the replies. The reason I asked the question was due to TWT only wanting me to set up the interface connected to them to be the router ID, and Level 3 was stating the same, saying they wanted their interface to be the router ID. Since the FG only supports one router ID, I may look into fronting my two internet connections with a couple of Cisco routers to run BGP and then redistribute down to the FG.
red_adair
New Contributor III

Did you think about using two VDOMs peering BGP each, and connecting to a "downstream" (direction Internal) VDOM with Intra-VDOM-Links? -R.
emnoc
Esteemed Contributor III

A Router-ID and what establishes the BGP session is one thing. As far as I know, only ONE BGP-ID. So how does BGP provider "1 or 2" establish BGP with businesses that are dual, triple or even quad homed? I never, in the 23+ years of doing ISP services, ever heard of an upstream mandating a particular BGP-ID. Nobody cares, just set your update source as that of the link termination address and go forward. What typically happens in very big networks that are multihomed: they assign a /32 loopback address and that becomes your BGP/OSPF router-id. This would probably not be practical in your case.

PCNSE NSE StrongSwan
Not applicable

Thanks Red and Emnoc. After a bit of "Non Church" suitable words, I was able to get both providers to recognize an old /32 address I had from Level3 back in the day. So now I am peered to each of the providers with this single /32. I have always questioned how they peer with businesses that have multiple (3 or more) internet connections with various carriers. The one thing I had to remind myself is that the FG620B is a firewall and not a full-fledged layer 3 routing core. Thanks again for the great responses.
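The arrangement the thread converges on (one router ID for the whole BGP process, one neighbor entry per carrier, each session sourced from the interface facing that carrier) looks roughly like this in the FortiOS CLI. This is an added sketch, not configuration posted by anyone in the thread. Every address, AS number and interface name in it is a constructed placeholder taken from documentation ranges, the `wan1`/`wan2` names are hypothetical, and the `#` lines are annotations for the reader.

```fortios
# Constructed example values (not from the thread):
#   local AS 64512, router ID 192.0.2.1 (the single /32 both carriers accept)
#   carrier A peer 198.51.100.1 (AS 64496), reached through port "wan1"
#   carrier B peer 198.51.100.129 (AS 64497), reached through port "wan2"
#   advertised prefix 203.0.113.0/24
config router bgp
    set as 64512
    # One router ID per BGP process; it identifies the speaker and is not
    # required to match either carrier-facing interface address.
    set router-id 192.0.2.1
    config neighbor
        # Session to carrier A, sourced from the link that terminates on it.
        edit "198.51.100.1"
            set remote-as 64496
            set update-source "wan1"
        next
        # Session to carrier B, sourced from its own link.
        edit "198.51.100.129"
            set remote-as 64497
            set update-source "wan2"
        next
    end
    config network
        # The same /24 is announced to both carriers.
        edit 1
            set prefix 203.0.113.0 255.255.255.0
        next
    end
end
```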