config router access-list edit "match_all_routes" config rule edit 1 set action deny set exact-match disable next end next end config router route-map edit "route_map_out_deny_all" config rule edit 1 set action deny set match-ip-address "match_all_routes" next end next end config router bgp set as 65110 config neighbor edit "172.31.224.136" set remote-as 65136 next edit "192.168.182.78" set remote-as 65078 set route-map-out "route_map_out_deny_all" next edit "172.31.224.66" set remote-as 65066 next end set router-id 172.31.224.110 end |
config router access-list edit "only_local_subnet" config rule edit 1 set action permit set prefix 192.168.182.0 255.255.254.0 set exact-match enable next edit 2 set action deny set prefix any set exact-match disable next end next end config router route-map edit "only_local_subnets" config rule edit 1 set match-ip-address "only_local_subnets" next end next end config router bgp config neighbor edit "172.31.224.136" set remote-as 65136 set route-map-out "only_local_subnets" next edit "172.31.224.66" set remote-as 65066 set route-map-out "only_local_subnets" next edit "192.168.182.78" set remote-as 65078 next end |
S* 0.0.0.0/0 [10/0] via 172.31.225.254, port1 C 10.10.10.0/24 is directly connected, port4 B 10.158.0.0/23 [20/0] via 172.31.224.110, port1, 00:02:54 C 10.160.0.0/23 is directly connected, port2 B 10.161.0.0/23 [20/0] via 172.31.224.66, port1, 00:02:54 B 10.162.0.0/23 [20/0] via 172.31.224.66, port1, 00:02:54 C 172.31.224.0/23 is directly connected, port1 B 192.168.182.0/23 [20/0] via 172.31.224.110, port1, 00:02:54 |
S* 0.0.0.0/0 [10/0] via 192.168.183.254, wan1 B 10.10.10.0/24 [20/0] via 192.168.182.110, wan1, 00:04:07 C 10.158.0.0/23 is directly connected, internal B 10.160.0.0/23 [20/0] via 192.168.182.110, wan1, 00:04:07 B 10.161.0.0/23 [20/0] via 192.168.182.110, wan1, 00:03:41 B 10.162.0.0/23 [20/0] via 192.168.182.110, wan1, 00:03:41 B 172.31.224.0/23 [20/0] via 192.168.182.110, wan1, 00:04:07 C 192.168.182.0/23 is directly connected, wan1 |
S* 0.0.0.0/0 [10/0] via 172.31.225.254, port1 C 10.10.10.0/24 is directly connected, port4 B 10.158.0.0/23 [20/0] via 172.31.224.110, port1, 00:02:54 C 10.160.0.0/23 is directly connected, port2 B 10.161.0.0/23 [20/0] via 172.31.224.66, port1, 00:02:54 B 10.162.0.0/23 [20/0] via 172.31.224.66, port1, 00:02:54 C 172.31.224.0/23 is directly connected, port1 B 192.168.182.0/23 [20/0] via 172.31.224.110, port1, 00:02:54 |
S* 0.0.0.0/0 [10/0] via 192.168.183.254, wan1 C 10.158.0.0/23 is directly connected, internal C 192.168.182.0/23 is directly connected, wan1 |
Related Articles
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.