With BGP Internet stop work all branch
-
Hello, a strange situation is happening, there are several branches connected via VPN, BGP is configured, the connection is made through cisco, internal network, the Internet is working correctly. I turn off the cisco in one of the branches, I connect pfsens instead, the internal local network works without problems, but the Internet stops working in all branches, the sites ping, the routes to the sites are correct, but the browser shows a connection timeout error. Maybe you've experienced this kind of behavior?
-
Sounds like something incorrectly advertising a default route.
How is internet traffic supposed to be routed?
Steve
-
@stephenw10
Hello! From branch pfsense, traffic should go to the cloud pfsense, in the pfsense cloud the main one, then the cloud pfsense redirects traffic, traffic to known subnets goes through direct links that are on the cloud pfsense, the rest of the traffic goes to the default route, which is specified in the cloud pfsense settings. -
If swapping out only one branch is affecting internet traffic for all branches it pretty much has to be a routing issue.
Run a traceroute, where is that traffic going?
You said earlier you had replaced only one branch Cisco device with pfSense though. Does that mean the main cloud site is already pfSense when it's working correctly?
Steve
-
@stephenw10 hello, we once again checked the BGP settings on cisco, noticed a couple of parameters related to the announcing the default route, transferred these parameters to pfsense and everything worked, thanks for trying to help me.
