Disable (uncheck) the Remove
Private AS option (default is enabled) if you have endpoints
that need to exchange routes with a hub or branch firewall in an
SD-WAN BGP topology and therefore you don’t want to remove private
AS numbers (64512 to 65534) from the AS_PATH attribute in BGP Updates. This
setting applies to all BGP peer groups on the branch or hub firewall. If
you need this setting to differ among BGP peer groups or peers,
you must configure the setting outside of the SD-WAN plugin. If
you change the Remove Private AS setting, commit
to all SD-WAN cluster nodes, and subsequently downgrade to an SD-WAN
Plugin version earlier than 2.0.2, then all configuration related
to Remove Private AS must be done outside
of the SD-WAN plugin or directly on the firewalls. |