I am running VM-500 in cluster on 8.1.4 . I have global protect configured with ip pool of /24.
I need to redistribute this range via bgp. I can see this range in the routing table.
If the subnet is in the local routing table we can distribute it via a bgp peer.
Is this iBGP or eBGP
What is the current redsitribution rules you have on the peering?
Where do you see the route learned and where is it missing?
Yes you can.
There are actually two ways to accomplish this:
Using redistribution profile gives you an option to advertise any prefix that is already in your routing table - static, directly connected, or dynamically learned from different routing protocol.
Howeve you can advertise any prefix even if it is not in your routing table. If you create BGP redistribution rule, without redistribution profile (just typing the prefix), the firewall will first create "dummy" or internal route for this network and then advertise it over BGP. The disatvantage of this approach is that the intrernal route will always be in the routing table and firewall will alway adv. via BGP, while if you are using redistribution profile matching some static routes it will stop adv. the route if the static is removed from the routing table (interface down or etc.)
I would suggest you to use the redistribution profile, that way the firewall will not require to create the additional internal route. If you create the redist. rule without profile you will have two routes for the GP IP pool (one as connected to the tunnel interface and one as internal "~")
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!