BGP with 2 ISP, prefix unreacheable from random sources.
Hi, guys! I have FG200F, 2 ISP peers established connection with options "Enforce eBGP multihop" and "soft reconfiguration", one of them(marked as IGP) is "best-path", second is "Incomplete". Option "EBGP multi path" enabled in best path selection section. Prefix advertised to both peers, two path for 0.0.0.0 avaible. However, customers using different providers have random access to mapped sites - tested, no ping. Looking Glass ping services shows different results. Links work well independently though. I tried to use different maps-in and out, but to no avail. BGPview.io shows 2 peers and draws Graphs. What seems to be a problem?
What is actually "a problem"? You seem to have your own public subnets advertising two network providers equally. Those subnets are available via both providers for the rest of the internet without any prioritization. Then depending on where the customers are or what provider they use and which your provider is "closer" to their provider they might come through one path over the other or opposite. And, you don't have any control over it and it might change any moment. Isn't that your design?
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.