We've configured BGP between Paloalto to Azure by using EBGP. The bgp is established but in RIB Out noticed that prefix 0.0.0.0/0 advertised to the peer respective azure.
How to remove this, because due to this the users in bgp unable to access the internet.
If I enable the "reject default route" option does this help? or cause any problem with all other bgp connections?
can anyone help & give your valuable suggestion here.
This should work for you as it till not accept the default route advertised by the peer:
"Select to ignore any default routes that are advertised by BGP peers."
You can always open a TAC case to ask. While I'm not a BGP expert, I used OSPF quite extensively and have this option set on my PAN's that are boarder devices.
1. The "reject default route" from your screenshot is doing the opposite to what you want. This option will force the firewall to reject default route received by any BGP peer. To answer how it will affect your setup depends entirely of that how your firewall is receiving the default route (does it receive it via BGP or by other way static, ospf, etc). To answer will it solve your issue - definitely no. This option is to reject receiving default and you are trying to block advertisement (to specific peer)
2. The proper way to select/filter what you advertise to BGP peers is the Export rules. It is impotent to notice the following - from this document (which is not exactly what you need, but doesn't matter)
There is an implicit deny rule that is triggered once any rules are created in the export or import tabs (the same is true for OSPF export). Add an allow rule to make sure you are importing other prefixes. The Import tab should now appear like the following:
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!