Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos XGS bgp routing preference

Hello,
we use 2 internet lines and have set up 2 route based vpn tunnels. BGP is used as the routing protocol. What settings can we make so that the 1st internet connection is used first and the 2nd internet connection is only used if this is not available?

Thank you very much!



This thread was automatically locked due to age.
Parents
  • Hi, 

    The requirement can be achieved by configuring “weight” for the neighbors. The route from the neighbor configured with higher weight would be preferred and used as long as it is available. If that route goes down, the other route, with lesser weight, would be used.  

    The option to set weight is to be done via the CLI configuration as below: 

    bgp(config-router-af)# neighbor 1.1.1.1 weight 56 

    The above configuration would set all the routing updates received from 1.1.1.1 to have a weight of 56. (without this config, by default, weight assigned would be 0) 

    Hope this helps! 

    Thanks, 

  • what is the command on the console. We currently receive the message "unknown command"

  • After navigating to the cli interface to configure BGP  [Option 3 (Route Configuration) > Option 1 (Configure Unicast Routing) > Option 3 (Configure BGP).], you need to give the cli in "address-family" prompt : 

    bgp> en

    bgp# conf t

    bgp(config)# router bgp 300

    bgp(config-router)# neighbor 1.1.1.1 remote-as 5

    bgp(config-router)# address-family ipv4 unicast

    bgp(config-router-af)# neighbor 1.1.1.1 weight 56

    Pls save the config with the following cli: 

    bgp(config-router-af)#write 

  • after the command "router bgp ***" we get the message " BGP is already running" can the weighting not be adjusted afterwards?

  • In the CLI "router bgp <n>" , the parameter "n"is the AS configured in the device.  Please use the exact ASN that has been configured in your device. 

    We can configure/modify weight (or any other configuration) at any point of time. 

Reply Children