New Member
Posts: 12
Registered: ‎10-14-2013
Accepted Solution

Firewall Sensei Needed

Greetings All!

Simple question regarding firewall rules.

I need to connect my EdgeRouter Pro to a BGP server and the default rules won't allow that. Does anyone have a basic config that shows me where exactly to add the needed rule(s) to allow the connection to the BGP server?

Also, when updating policy prefix lists, is there a simple way to reload so that the committed changes apply without having to do a full reboot?

Thanks!


Accepted Solutions
Veteran Member
Posts: 7,233
Registered: ‎03-24-2016
Kudos: 1862
Solutions: 822

Re: Firewall Sensei Needed

Something like below should take care of incoming BGP sessions:

set firewall name WAN_LOCAL rule 40 action accept
set firewall name WAN_LOCAL rule 40 description BGP_in
set firewall name WAN_LOCAL rule 40 protocol tcp
set firewall name WAN_LOCAL rule 40 destination port 179
#optional, recommended
set firewall name WAN_LOCAL rule 40 source address <BGP-Peer-IP>

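Added example, not part of the original thread or of EdgeOS itself: a small Python check that reads a configuration exported in `set` form and reports rules that accept TCP/179 without the source restriction the answer above marks as recommended. It assumes the export comes from `show configuration commands`; rule 50 and the address 192.0.2.1 in the sample are constructed for illustration.

```python
import re
from collections import defaultdict

RULE_RE = re.compile(r"^set firewall name (\S+) rule (\d+) (.+)$")

# Constructed sample: rule 40 as posted without the optional line, rule 50 pinned to a peer.
SAMPLE = """
set firewall name WAN_LOCAL rule 40 action accept
set firewall name WAN_LOCAL rule 40 description BGP_in
set firewall name WAN_LOCAL rule 40 protocol tcp
set firewall name WAN_LOCAL rule 40 destination port 179
set firewall name WAN_LOCAL rule 50 action accept
set firewall name WAN_LOCAL rule 50 protocol tcp
set firewall name WAN_LOCAL rule 50 destination port 179
set firewall name WAN_LOCAL rule 50 source address 192.0.2.1
"""

def parse_rules(config_text):
    """Group 'set firewall name X rule N <path> <value>' lines as {(X, N): {path: value}}."""
    rules = defaultdict(dict)
    for line in config_text.splitlines():
        m = RULE_RE.match(line.strip())
        if m:  # comments, blank lines and unrelated config are skipped
            name, number, rest = m.groups()
            path, _, value = rest.rpartition(" ")
            rules[(name, int(number))][path] = value.strip("'\"")
    return rules

def port_matches(spec, port):
    """True if a port spec such as '179', '22,179', '100-200' or 'bgp' covers port."""
    for part in spec.split(","):
        lo, _, hi = part.partition("-")
        if part == "bgp" or (lo.isdigit() and (hi or lo).isdigit()
                             and int(lo) <= port <= int(hi or lo)):
            return True
    return False

def unrestricted_bgp_rules(config_text):
    """Return [(ruleset, rule number)] accepting TCP/179 from any source address."""
    findings = []
    for key, attrs in sorted(parse_rules(config_text).items()):
        src = attrs.get("source address")
        pinned = src not in (None, "0.0.0.0/0") or "source group address-group" in attrs
        exposed = (attrs.get("action") == "accept"
                   and attrs.get("protocol") in ("tcp", "tcp_udp")
                   and port_matches(attrs.get("destination port", ""), 179))
        if exposed and not pinned:
            findings.append(key)
    return findings

if __name__ == "__main__":
    print(unrestricted_bgp_rules(SAMPLE))
```

A rule reported here lets any host on the WAN side open a TCP connection to the router's BGP port; adding the peer's address as the source closes that.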


All Replies
New Member
Posts: 12
Registered: ‎10-14-2013

Re: Firewall Sensei Needed

Thanks! That did the trick. I am still wrapping my head around the firewall layout.
