Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Blason_R
Leader
Leader

BGP route-map on Check Point Firewall R80.30 to accept only one desired subnet

HI Team,

I have eBGP configured on 5900 GWs and my version is R80.30. I am currently accepting all traffic from peer. I wanted to know and configure only subnet i.e. 192.168.10.0/24 from that peer and deny others.

Can someone please confirm how do I do that on GAIA clish?

Thanks and Regards,
Blason R
CCSA,CCSE,CCCS
0 Kudos
2 Replies
Chris_Atkinson
Employee Employee
Employee

Basic example should be something like this:

 

### Routemap Config ###

set routemap Peer-IN id 10 on
set routemap Peer-IN id 10 allow
set routemap Peer-IN id 10 match network 192.168.10.0/24 exact
set routemap Peer-IN id 20 on
set routemap Peer-IN id 20 restrict

### Apply For the Particular AS ###

set bgp external remote-as <AS-NUMBER> import-routemap Peer-IN preference 1 on

### Apply For a specific Peer ###

set bgp external remote-as <AS-NUMBER> peer <PEER-IP> import-routemap Peer-IN preference 1 on

### SAVE ###

save config

CCSM R77/R80/ELITE
0 Kudos
the_rock
Legend
Legend

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events