Jeroen_Demets
Collaborator

BGP with CloudGuard IaaS in AZure

Hi,

what is possible with BGP with a CG IaaS Gateway in Azure?

We have a scenario where a CG IaaS gateway is in a hub-spoke design and it is located in the hub. An on-premise CP firewall has a VPN towards this hub gateway.

The customer wants to be able to automatically go to a new spoke vnet when that is created. So we are wondering if a CP Gateway with BGP active can automatically learn of a new spoke vnet (that is connected using azure vnet peering).

Jeroen

0 Kudos
2 Replies
PhoneBoy
Admin
Admin

I don't see why not, assuming the gateway finds out about this VNet somehow (with BGP or static routes).

0 Kudos
Jeroen_Demets
Collaborator

sorry for my late reply but all the documents I find are BGP with an Azure VPN Gateway instead of a CP IaaS gateway. I don't see how you can configure BGP interaction with an IaaS gateway and azure networking.

For Azure VPN Gateway: https://docs.microsoft.com/en-us/azure/vpn-gateway/bgp-howto

all the BGP settings are done in there. I just don't find BGP in for example a vnet configuration

0 Kudos