SD-WAN Remove Private AS
Table of Contents
10.0 (EoL)
Expand all | Collapse all
-
- Automatic Content Updates Through Offline Panorama
- Enhanced Authentication for Dedicated Log Collectors and WildFire Appliances
- Syslog Forwarding Using Ethernet Interfaces
- Increased Configuration Size for Panorama
- Access Domain Enhancements for Multi-Tenancy
- Enhanced Performance for Panorama Query and Reporting
- Log Query Debugging
- Configurable Key Limits in Scheduled Reports
- Multiple Plugin Support for Panorama
End-of-Life (EoL)
SD-WAN Remove Private AS
Disable the BGP Remove Private AS numbers setting for
SD-WAN hubs and branches.
SD-WAN Plugin 2.0.2 allows you to determine
whether the Remove Private AS setting is enabled
or disabled for all SD-WAN BGP peer groups on a hub or branch firewall.
The default setting is enabled.
If you have endpoints that
need to exchange routes with a hub or branch firewall in an SD-WAN
BGP topology, you wouldn’t want to remove private autonomous system
(AS) numbers (64512 to 65534) from the AS_PATH attribute in BGP
Updates. In this case, you would want to allow the private AS numbers
to leave the SD-WAN private AS in BGP Updates, so you would disable Remove Private
AS.
The Remove Private AS setting
applies to all BGP peer groups on the branch or hub firewall. If
you need this setting to differ among BGP peer groups or peers,
you must configure the setting outside of the SD-WAN plugin.
If
you change the Remove Private AS setting,
commit to all SD-WAN cluster nodes, and subsequently downgrade to
an SD-WAN Plugin version earlier than 2.0.2, then all configuration
related to Remove Private AS must be done
outside of the SD-WAN plugin or directly on the firewalls.
- Log in to the Panorama Web Interface.
- Select PanoramaSD-WANDevices and Add an SD-WAN Device.
- Select the BGP tab to configure BGP routing.
- Deselect Remove Private AS to disable the removal of private AS numbers from BGP Updates (and thereby allow private AS numbers in BGP Updates).