: SD-WAN Remove Private AS
Focus
Focus

SD-WAN Remove Private AS

Table of Contents
End-of-Life (EoL)

SD-WAN Remove Private AS

Disable the BGP Remove Private AS numbers setting for SD-WAN hubs and branches.
SD-WAN Plugin 2.0.2 allows you to determine whether the Remove Private AS setting is enabled or disabled for all SD-WAN BGP peer groups on a hub or branch firewall. The default setting is enabled.
If you have endpoints that need to exchange routes with a hub or branch firewall in an SD-WAN BGP topology, you wouldn’t want to remove private autonomous system (AS) numbers (64512 to 65534) from the AS_PATH attribute in BGP Updates. In this case, you would want to allow the private AS numbers to leave the SD-WAN private AS in BGP Updates, so you would disable Remove Private AS.
The Remove Private AS setting applies to all BGP peer groups on the branch or hub firewall. If you need this setting to differ among BGP peer groups or peers, you must configure the setting outside of the SD-WAN plugin.
If you change the Remove Private AS setting, commit to all SD-WAN cluster nodes, and subsequently downgrade to an SD-WAN Plugin version earlier than 2.0.2, then all configuration related to Remove Private AS must be done outside of the SD-WAN plugin or directly on the firewalls.
  1. Log in to the Panorama Web Interface.
  2. Select PanoramaSD-WANDevices and Add an SD-WAN Device.
  3. Select the BGP tab to configure BGP routing.
  4. Deselect Remove Private AS to disable the removal of private AS numbers from BGP Updates (and thereby allow private AS numbers in BGP Updates).