This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Dhruvkumar_Pate
Participant
‎2018-12-03 03:40 AM

CheckPoint BGP Route advertisement

Hello All,

Yesterday i face strange problem in my checkpoint device CP15400 version R77.30 .

I have configured BGP and BGP neighbor was establish.  i was able to receive routes from neighbor but  i was not able to advertise my Public Pool to my neighbor .  

in route redistribution option i have selected interface where i have configured my public pool and i was redistributing it into my BGP routing protocol . 

Does anyone has come across that situation  ? 

Labels
9 Replies
Mike_A
Advisor
‎2018-12-03 04:31 AM

If I am reading this correctly you have established BGP with your peer but are unable to advertise from your Check Point 15400 to the peer.

1.) Do you have a static route on your peer, for the network you are trying to advertise, which is would take a higher priority (admin distance) over the BGP route?

2.) Do you have a route-map/prefix-list on your peer which is only accepting specific networks in?

3.) If your peer is a Cisco, have you run the command 'show ip bgp neighbor <Check Point IP> received-routes'

4.) You can also run on your 15400 'show bgp peer (peer IP) advertise' which will show you if the route is even being advertised out of your 15400. 

Just a few things I can think of with limited information about your config, peers, etc. 

0 Kudos
Dhruvkumar_Pate
Participant
‎2018-12-03 06:11 AM
In response to Mike_A

1)  The setup is working fine With my Old Nokia hardware.  

2)  Problem is when i do show bgp peer x.x.x.x. advertise in CP i dont see anything even though i have redistributed my Interface IP Network into BGP.  

0 Kudos
Petr_Hantak
Advisor
Advisor
‎2018-12-03 05:38 AM

One more additional question to those which are here already... How did you take whole configuration? Was it via WebUI or via CLI?

0 Kudos
Dhruvkumar_Pate
Participant
‎2018-12-03 06:22 AM
In response to Petr_Hantak

Via WebUI. 

0 Kudos
Mike_A
Advisor
‎2018-12-03 06:29 AM
In response to Dhruvkumar_Pate

Ok, so lets get into some more details. 

1.) What is the AS of your 15400?

2.) What is the AS of your peer?

3.) If you can show a screen shot of your WebUI for the Route Redistribution section?

0 Kudos
Petr_Hantak
Advisor
Advisor
‎2018-12-04 06:04 AM
In response to Dhruvkumar_Pate

Good, are you sure that all the configuration related BGP has been taken via WebUI? Because in case if you do for example routemap in CLI, the following rule could be aplicated.

Routemaps

Control which routes are accepted and announced. Used to configure inbound route filters, outbound route filters, and to redistribute routes from one protocol to another.

Route maps offer more configuration options than the Portal options. However, they are not functionally equivalent.

If one or more route maps are assigned to a protocol (for import or export), any corresponding Portal configuration is ignored.

Gaia Clish

It is not probably your case but it is good to check this as well.

0 Kudos
Ricardo_Gros
Collaborator
‎2018-12-04 12:28 AM

Hi, 

Make sure that your route is on the Routing table, only routes on the routing table are distributed. 


To be able to help please further please share: 

Routing table of both members, bgp configuration and redistribution options. 

0 Kudos
smismi
Explorer
‎2023-01-20 08:03 AM

Hello, I have the same problem that the routes are not advertised. Did you solve the problem in the end?

Best Regards

Stefan

0 Kudos
Austin_Ponten
Participant
Participant
‎2023-06-14 04:39 AM
In response to smismi

Same! 

 

Ive tried:

set route-redistribution to bgp-as (AS number) from interface all on

set route-redistribution to bgp-as (AS number) from static-route all-ipv4-routes on

I've been reading about route maps and double and triple checking but it doesn't want to work. 

 

-A

 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events
    Top