Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
aidnet
Contributor

CREATING BGP NEIGHBOR ON SDWAN

hello guys i have this challenge on BGP neighbor for sdwan WhatsApp Image 2024-06-07 at 10.40.49_d9cb21ab.jpg

ALMkunwa
ALMkunwa
2 Solutions
smkml
Staff
Staff

Hi @aidnet ,

 

Kindly note on the error that mentioned where need to add the value. From the latest error I can see it pointed out to neighbour-group > VPN1 > allowas-in-vpn4, and probably pointed out in ipv6 too. 

allowas in.png

View solution in original post

funkylicious

hi @smkml , what version of FMG is that ? I cannot see in FMG 7.2.4 that option under Advanced Options.

"jack of all trades, master of none"

View solution in original post

"jack of all trades, master of none"
14 REPLIES 14
funkylicious
SuperUser
SuperUser

Hi, 
When you edit the BGP neighbor, there is an option under IPv4 Filtering, which I think you enabled called Allow AS In, which requires to insert a value between 1 and 10

 

https://docs.fortinet.com/document/fortigate/6.4.4/cli-reference/557620/config-router-bgp

 

allowas-in IPv4 The maximum number of occurrence of my AS number allowed.

integer  Minimum value: 1 Maximum value: 10

 

"jack of all trades, master of none"
"jack of all trades, master of none"
aidnet

yes i have put the value but still i gate the same error

Screenshot_1.png

ALMkunwa
ALMkunwa
funkylicious
SuperUser
SuperUser

Sorry, it's for the Neighbor Group menu in the Template, not Neighbors.

You should have one called VPN1 and under it, Activate IPv4 > Allow AS IN 

"jack of all trades, master of none"
"jack of all trades, master of none"
aidnet

i have changed the value but still i get the errorScreenshot_3.pngScreenshot_2.png

ALMkunwa
ALMkunwa
funkylicious
SuperUser
SuperUser

I am out of ideas on what issue you are facing.

I've tried myself creating a new template from scratch and worked.

 

Do you need allowas-in parameter to be enabled, cuz I would try to disable it and see if works, then enabling it back.

"jack of all trades, master of none"
"jack of all trades, master of none"
aidnet

no i do not want it to be enable and i have turned off but still i get the same eror

ALMkunwa
ALMkunwa
aidnet

i have deleted and created new but same error

ALMkunwa
ALMkunwa
both_alx

insert a value like "2" to all allowasin fields in ipv4, ipv6 and advanced options. save and click ok. than you can go back and disable filtering. seems to be a bug FGM Firmware Version under 7.4.4

smkml
Staff
Staff

Hi @aidnet ,

 

Kindly note on the error that mentioned where need to add the value. From the latest error I can see it pointed out to neighbour-group > VPN1 > allowas-in-vpn4, and probably pointed out in ipv6 too. 

allowas in.png

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors