🌎Basic BGP Configuration on pfSense
ฝัง
- เผยแพร่เมื่อ 5 ส.ค. 2024
- Hey there guys, hope you're doing well. In this video we will be exploring how to configure BGP on a pfSense firewall. I'll be talking about some nice use cases and things I think the pfSense can use BGP for. I'll also be going over the steps needed to configure BGP on pfSense. Including what package you need to download and some of the quirks that come with it when configuring BGP(Or any other routing protocol). Hope you enjoy!
❗Help the channel grow by subscribing if you aren't subscribed already! A like is also very appreciated and feel free to leave a comment about what you liked or disliked in the video and what else you would like to see from me :) 👊❗
Details about the video:
Timestamps:
📕00:00 - Introduction
📕01:00 - Use-cases and info
📕03:36 - Installing FRR Package
📕04:22 - FRR Global settings
📕05:17 - FRR BGP settings
📕08:41 - BGP Route Maps
📕10:08 - BGP Neighbors
📕12:47 - Verify peering status
Support the Channel:
⭐Become a Patreon: / thenetworkberg
⭐Become a TH-cam Member: / @thenetworkberg
Social Media:
🌏 / thenetworkberg
🌏 / bergnetwork
🌏 / the-network-berg-39451...
MTCRE Playlist:
• Free MTCRE RoSv6
MTCNA Playlist:
• Free MTCNA RoSv6
Thanks again for watching
Hey guys just some reference material, I highly suggest you watch the two videos I created on BGP using MikroTik for better understanding. Please also use the documentation as always.
pfSense Docs:
docs.netgate.com/pfsense/en/latest/packages/frr/bgp/required-info.html#
MikroTik BGP vids:
th-cam.com/video/M5UypwXmIFQ/w-d-xo.html
th-cam.com/video/cMNx2PSZ_6Q/w-d-xo.html
Thanks for covering this. It's great to see subjects like this being covered.
It's also explained clearly. I will come back to your channel more often.
Thank so much to create this video on bgp .
Thank you for the Video. This has the answers that I needed for FRR.
This was Amazing! I'm using pfSense with my VMware NSX lab and its working! Thank you so much!!
Awesome, been using FRR on Opnsense together with MetalLB for quite some time now, it's great, although I'd rather use vtysh and configure the daemon myself. But with a nice simple GUI I guess it's much nicer and faster to setup
thanks
Great Video I Have Learnt Alot, I Have a Question If I Have Two WAN IP Addresses (Primary Fiber Link On WAN On WAN1 Port (ix3) And WAN 2 On WAN2 Port (ix0) Wireless Uplink From Same ISP) How Do I Advertise The BGP Networks To Both WAN IPS?
to see routes on your mikrotik did you have to configure that as well or is it just able to listen and learn?
I have this setup slightly differently but am having an issue. I have 2 neighbors setup in BGP and the first is getting BGP routes coming back and is advertising the routes specified outbound to the 1st neighbor.
The 2nd connection/neighbor is advertising BGP routes back to my pfsense BUT the pfsense is NOT advertising routes to this 2nd neighbor. How can I get pfsense to advertise routes to more than 1 neighbor? For reference, I have P2P network connections so there is no internet connectivity to the pfsense. Any thoughts?
thank you.
Some sites are filtered for my country. I am going to connect my pfsense to external vpn service that I have on a server in America, and the traffic of sites that are filtered will pass through this way.
how can i do ? please ...
First you need import the ca into your certs manager
Then goto vpn > openvpn > clients
Create a new client with the configuration provided by your vpn supplier needed to connect to the vp. server. Typically found in an openvpn configuration file
Then goto firewall > Nat > manual outbound rule generation.
Then click "Add a mapping based of this rule" and change the interface to your openvpn interface.
Make sure to save and apply
Repeat for all 6-7 default Nat rules.
Then goto status > vpn and check your connected.
Lawrencesystems has a video on this. With setting up private Internet access. I've also set this up before.
Hope this helped. You may also want to check if the vpn ip range is blocked too as this won't work if it is.(has happened to me)
Are the Mikrotik and the pfSense in the same network ? what I didn't quite understand is how they could still communicate after you disabled the GW.
Yes the MikroTik and pfSense is in the same network. I could still get internet access because I was receiving a default route out via BGP from the MikroTik I was learning a 0.0.0.0/0 route from it.