07-30-2024 01:34 PM - edited 07-30-2024 01:37 PM
Need some help with advertising specific routes over BGP and hoping someone can help.
I have a site-to-site tunnel setup between AWS and my on-premise PA Firewall. I am receiving routes from AWS over BGP as expected. No issue there and I am able to create a redistribution profile & redist rule and advertise an existing static route listed within the PA's VR which points to my internal LAN i.e. 10.0.0.0/8 into BGP over to AWS. That said, I do not wish to advertise the entire 10.0.0.0/8 network but specific routes i.e. a 10.10.10.0/24 and have the ability not to advertise this to any other BGP peers I may have in the future under the same VR.
Thus far I have managed to just add the prefix i.e. 10.10.10.0/24 to a Redist rule which somewhat gives me the desired result and PA only advertises 10.10.10.0/24 into AWS. But I am concerned it will advertise this to other BGP peers so it's not what I want.
I have tried to create an export rule which seems the way to go as this allows me to specify a prefix and peer I'd like to advertise this network to and have better control but for some reason once I set up an export rule, I am unable to advertise the prefix.
With the export rule,
For some reason, PA is not advertising the routes and I am not seeing 10.10.10.0/24 under the loc-rib or rib-out.
Does anyone know what I am missing or doing wrong?
Thank you!