Trying to configure Fortigate for BGP multihomng with 2 ISP.
I was wondering how can I create the route that I advertised to EBGP ?
I want to be able to create VIP to them back to LAN adresses (My servers)
Can it be a Loopback address?
I found this article:
But they create vDom in order to create the root 188.8.131.52 to advertise.
Is there any other way?
The reason separated vdom between root for the VIP root and routing for two outside interfaces in the article is due to vip config requiring "extintf" as in the config.
config firewall vip
set extip 184.108.40.206
set extintf "vdl0"
set mappedip 10.10.1.1
I don't know any other way around because when I tried configuring the same VIP for two different external interfaces like wan1 and wan2, I got an error below and it didn't take for the second vip.
"The virtual IP is overlapped with another VIP entry-vip01."
I think separating those vdoms and applying vip to vdom-link is a smart way and the only way if the incoming interface can change.
How about creating a blackhole route?
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2023 Fortinet, Inc. All Rights Reserved.