>
    Configure a Filter Route Maps Redistribution List
    Focus
    Download PDF
    Focus
    1. Home
    2. Next-Generation Firewall
    3. Set Up Firewalls
    4. Routing and Interfaces
    5. Configure Routing Profiles
    6. Configure a Filter Route Maps Redistribution List
    Download PDF
    Next-Generation Firewall

    Configure a Filter Route Maps Redistribution List

    Table of Contents

    Configure a Filter Route Maps Redistribution List

    Configure a redistribution route maps list to specify which BGP, OSPF, RIB, or connected static route to redistribute.
    Contact your account team to enable Cloud Management for NGFWs using Strata Cloud Manager.
    Where Can I Use This?What Do I Need?
    One of these:
    Use a Redistribution Route Map in a Redistribution Profile to specify which BGP, OSPF, RIB, connected or static routes (the source protocol) to redistribute to BGP or (the destination protocol). You can also redistribute BGP host routes to BGP peers. The match criteria can include IPv4s addresses specified by an access list and prefix list.
    A Redistribution route map can have multiple entries; routes are evaluated against the entries in sequential order. When a route matches an entry, it’s permitted or denied and the route isn’t evaluated against subsequent entries. If the action of the matching entry is Permit, the firewall also sets the configured attributes from the route map to the redistributed route.
    1. Log in to Strata Cloud Manager.
    2. Select ManageConfigurationNGFW and Prisma AccessDevice SettingsRoutingProfilesFilters and select the Configuration Scope where you want to configure the BGP route map.
      You can select a folder or firewall from your Folders or select Snippets to configure the BGP route map in a snippet.
    3. Add Filters Route Maps Redistribution.
    4. Enter a Name for the redistribution route map.
      The name must start with an alphanumeric character, underscore (_), or hyphen (-), and can contain a combination of alphanumeric characters, underscore, or hyphen. No dot (.) or space is supported.
    5. Select the Source Protocol. The source protocol is where the Match selections apply.
      You can select BGP, OSPF, or Connected Static.
    6. Select the Destination Protocol. The destination protocol is where the Set selections apply.
      You can select BGP or OSPF.
    7. Add Route Map entry.
    8. Configure the redistribution route map Entry.
      1. Enter the Seq number of the access list filtering rules in the list of rules for the redistribution route map.
        Range is 1 to 65,535.
        Leave unused numbers between sequence numbers so you can insert additional rules faster.
      2. Enter a helpful Description of the entry (rule).
      3. For Action, select Deny or Permit.
    9. Configure the redistribution route map Match to configure the criteria for the source protocol.
      1. Configure the BGP route match criteria.
        • AS Path Access List—Select an AS path list. Default is None.
        • Interface—Select the match interface of the route. Default is None.
        • Regular Community—Select a Community list. Default is None.
        • Origin—Select the origin of the route: ebgp, ibgp, or incomplete. Default is none.
        • Large Community—Select a Large Community list. Default is None.
        • Tag—Enter a tag value that has meaning in your networks, in the range 0 to 4,294,967,295.
        • Extended Community—Select an Extended Community list. Default is None.
        • Local Preference—Enter a value in the range 0 to 4,294,967,295.
        • Metric—Enter a value in the range 0 to 4,294,967,295.
        • Peer—Select a peer name or local (Static or Redistributed routes). Default is none.
      2. Configure the BGP route map to match on various types of IPv4 addresses.
        • On the Address tab, select an Access List to specify addresses to match.
        • Select a Prefix List to specify addresses to match. It matches the prefix received from a peer or a prefix redistributed to a protocol from another protocol.
          If both an access list and prefix list are specified, both requirements must be met (logical AND).
        • On the Next Hop tab, select an Access List to specify next hop addresses to match.
        • Select a Prefix List to specify next hop addresses to match.
        • On the Route Source tab, select an Access List to specify a source IP address of a route to match. For example, the access list could permit a distant peer with the address 192.168.2.2 who is advertising a route to a certain prefix. You can make this BGP route map match on the route’s source address 192.168.2.2 and then perhaps filter the route based on matching the peer address 192.168.2.2 as the source of the route, or set a next hop for routes matching that route source.
        • Specify a Prefix List to specify one or more source networks prefixes to match.
    10. Set the actions to perform on routes matching the rule, which will be redistributed to the destination protocol.
      1. Select the Metric Action for the redistribution rule.
        You can set the Metric value, add the specified Metric Value to the matching route’s original Metric value, or subtract the specified Metric Value from the matching route’s original Metric value; the default is None. Select the add or subtract action to adjust a metric and thus prioritize or deprioritize the matching route.
      2. Enter a Metric Value to set, add to, or subtract from the metric; the range is 0 to 4,294,967,295.
      3. Select the Metric Type: Type 1 or Type 2.
      4. Specify a Tag; range is 1 to 4,294,967,295.
    11. Add the redistribution route map entry.
    12. Save.

    © 2024 Palo Alto Networks, Inc. All rights reserved.