eBGP peering with a Fortigate 100D

The other day I got to configure a Fortigate 100D via the CLI to peer with a Cisco device. The requirement was that certain LAN interfaces on the Forti are not making full use of their /24; instead, each /24 has been broken up into /28s.

So 3 interfaces on the LAN would need to advertise 155.1.20-40.0/24 as /24 subnets, but only /28s are assigned on the interfaces themselves. Doing this on a Fortigate is not a simple matter of going into the GUI and clicking your way through it. You'd need to gain CLI access to the device, either via its portal or SSH.

From the CLI I had to aggregate the prefixes into /24s and enable summary-only so that the more specific routes are not advertised.

 

config router bgp
    set as 12345
    set router-id 155.1.10.2
    config aggregate-address
        edit 1
            set prefix 155.1.20.0 255.255.255.0
            set summary-only enable
        next
        edit 2
            set prefix 155.1.30.0 255.255.255.0
            set summary-only enable
        next
        edit 3
            set prefix 155.1.40.0 255.255.255.0
            set summary-only enable
        next
    end
    config neighbor
        edit "155.1.10.2"
            set remote-as 12346
            set send-community6 disable
        next
    end
end
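
Added example (not part of the original post): a small Python check that parses the aggregate-address stanza above and works out what the peer would actually receive, so a /28 that falls outside every aggregate shows up before it leaks. It assumes standard BGP aggregation behaviour (an aggregate is only originated when a more-specific route is in the BGP table); BGP_TABLE, parse_aggregates and advertised are hypothetical names, and the /28s are constructed sample data.

```python
import ipaddress
import re

# Aggregate stanza as it appears in the post's "config router bgp" block.
FORTI_CONFIG = """\
config aggregate-address
edit 1
set prefix 155.1.20.0 255.255.255.0
set summary-only enable
next
edit 2
set prefix 155.1.30.0 255.255.255.0
set summary-only enable
next
edit 3
set prefix 155.1.40.0 255.255.255.0
set summary-only enable
next
end
"""

# Constructed sample: /28s assumed to be in the BGP table. The last one is
# deliberately outside every aggregate to show a more-specific leaking out.
BGP_TABLE = ["155.1.20.0/28", "155.1.30.16/28", "155.1.50.0/28"]

def parse_aggregates(text):
    """Return [(network, summary_only)] for each 'edit' entry in the stanza."""
    aggregates = []
    for entry in re.split(r"^\s*edit\s+\d+\s*$", text, flags=re.M)[1:]:
        m = re.search(r"set prefix (\S+) (\S+)", entry)
        if not m:
            continue
        net = ipaddress.ip_network(f"{m.group(1)}/{m.group(2)}")
        aggregates.append((net, "set summary-only enable" in entry))
    return aggregates

def advertised(bgp_table, aggregates):
    """Prefixes sent to the peer under the assumed aggregation rules."""
    routes = [ipaddress.ip_network(r) for r in bgp_table]
    out, suppressed = set(), set()
    for agg, summary_only in aggregates:
        contributors = [r for r in routes if r != agg and r.subnet_of(agg)]
        if contributors:  # no contributor in the table means no aggregate
            out.add(agg)
            if summary_only:  # summary-only hides the covered more-specifics
                suppressed.update(contributors)
    out.update(r for r in routes if r not in suppressed)
    return sorted(out)
```

With the sample table, 155.1.40.0/24 is not originated because nothing contributes to it, and 155.1.50.0/28 is advertised as-is because no aggregate covers it.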
