SD-WAN Remove Private AS

Disable the BGP Remove Private AS numbers setting for SD-WAN hubs and branches.
SD-WAN Plugin 2.0.2 allows you to determine whether the
Remove Private AS
setting is enabled or disabled for all SD-WAN BGP peer groups on a hub or branch firewall. The default setting is enabled.
If you have endpoints that need to exchange routes with a hub or branch firewall in an SD-WAN BGP topology, you wouldn’t want to remove private autonomous system (AS) numbers (64512 to 65534) from the AS_PATH attribute in BGP Updates. In this case, you would want to allow the private AS numbers to leave the SD-WAN private AS in BGP Updates, so you would disable
Remove Private AS
.
The
Remove Private AS
setting applies to all BGP peer groups on the branch or hub firewall. If you need this setting to differ among BGP peer groups or peers, you must configure the setting outside of the SD-WAN plugin.
If you change the
Remove Private AS
setting, commit to all SD-WAN cluster nodes, and subsequently downgrade to an SD-WAN Plugin version earlier than 2.0.2, then all configuration related to
Remove Private AS
must be done outside of the SD-WAN plugin or directly on the firewalls.
  1. Select
    Panorama
    SD-WAN
    Devices
    and Add an SD-WAN Device.
  2. Select the
    BGP
    tab to configure BGP routing.
  3. Deselect
    Remove Private AS
    to disable the removal of private AS numbers from BGP Updates (and thereby allow private AS numbers in BGP Updates).

Recommended For You