10-16-2024 05:51 AM
Hello Team,
Need to create a IPSEC tunnel to GCP environment, to use BGP not static routing.
What are the concepts here?
Will I use policy based or route-based setup?
Step by step guide will be appreciated.
Thank you in advance.
Solved! Go to Solution.
10-29-2024 07:47 AM
VTI friend not policy-based VPN
MHM
10-29-2024 07:47 AM
VTI friend not policy-based VPN
MHM
10-29-2024 01:41 PM
Hi,
Use IKEv2 route based VPN's with BGP on top of that. What is your Cisco platform?
Best,
Cristian.
10-29-2024 10:31 PM
am now facing asymmetric routing issues, yet have used weight, will this attribute assist or its local to me? i need a different attribute?
10-29-2024 10:56 PM - edited 10-30-2024 12:06 AM
Can you more elaborate
if you have one FTD connect via two VTI to GCP then
weight will control the OUTBOUND traffic
and you need to use as-prepend or MED to control the INBOUND
if your case not as above please share topology
Thanks
MHM
10-30-2024 12:15 AM
on-prem device in one
10-30-2024 12:19 AM
then use as-prepend or MED to make GCP use one path than other
this will eliminate the asymetric traffic you face in such OUTbound use VTI1 and INbound use VTI2
MHM
10-30-2024 12:22 AM
since i configure both ends, do i need to use the attributes on both ends, or configuring on-prem bgp attributes gets me sorted?
10-30-2024 12:42 AM - edited 10-30-2024 12:42 AM
No need both sides'
Only FTD side
MHM
10-31-2024 01:50 AM
quick one, question;
I normally nat my internal ip to a public IP that i share with clients on the encryption domain.
If i want to now route client traffic to cloud, not on-prem, i presume all i would need to do is nat the IP to an endpoint on cloud?
Am i right?
10-31-2024 01:52 AM
for them to access on-prem, there a re equivalent policies, now when sending them to cloud, how do the acl come in, on the on-prem FTD?
10-29-2024 11:25 PM
Hi,
BGP weight is locally significant value, use local-preference for BGP AS wide influence.
Best,
Cristian.
10-30-2024 12:02 AM
does the local preference influence both out and in traffic?
10-30-2024 06:58 AM
Hi,
Local preference attribute does not leave the AS, so it only influence traffic egress from the AS / leaving the AS.
Best,
Cristian.
10-30-2024 10:39 PM
so i do i influence return traffic?
or should i use both. use med for egress and as prepend for ingress?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide