Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Jackie_T
Staff
Staff

Created on ‎12-13-2023 10:50 PM

Article Id 289206

Technical Tip: VPN4 and VPN6 Address Family for BGP in FortiOS

Description

This article describes that the most common address families are IPv4 and IPv6. For BGP and MPLS, it is possible to have VPN-IPV4/IPv6 as well.

Starting from v7.2.0 and v7.4.0, a new address family has been supported by the BGP: VPNv4 /VPNv6 address family.

Address family configuration tells what the supported routing information in a single BGP session is.
Scope

FortiGate v7.2.x and v7.4.x. 
Solution

Starting from v7.2.0 and v7.4.0, VPN-IPv4/VPN-IPv6 are supported by default and this feature is enabled by default.

Below are the command line settings:

 

config router bgp

    config neighbor

        edit <enighbor>

            set activate-vpnv4 enable

            set activate-vpnv6 enable

 

If the remote BGP neighbor does not support VPNv4 and VPNv6 address family, it is necessary to disable the feature by setting it to disable:

 

config router bgp

    config neighbor

        edit <enighbor>

            set activate-vpnv4 disable

            set activate-vpnv6 disable
584
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.