BGP over LAN Connection

Run BGP and data plane via LAN interface with an instance in the same VPC or VNet.

The BGP over LAN connection is typically selected if you enabled BGP over LAN when creating your Azure Spoke Gateway. Currently, BGP over LAN is available only for Azure Spoke Gateways and for Azure and GCP Transit Gateways.

BGP over LAN is mainly used to peer with third-party Network Virtual Appliances.

To set up an external connection via BGP over LAN:

  1. Go to Networking > Connectivity > External Connections (S2C) tab.

  2. Click + External Connection.

  3. Select or enter the following values:

| Parameter | Description |
|---|---|
| Name | A name for this connection. |
| Connect Local Gateway To | Select the External Device radio button. Click the dropdown menu and select BGP over LAN. |
| Local Gateway | The name of the local gateway. This is the gateway in the cloud that will connect to an on-prem gateway or device. |
| Local ASN | Enter the local gateway’s ASN. |
| Remote ASN | The Remote ASN is the BGP AS number the external device will use to exchange routes with the Transit Gateway. When BGP is selected, the remote ASN for backup should be the same as the primary remote ASN. |
| BGP ActiveMesh | Mark this checkbox to enable full mesh BGP connections to the external devices from the primary and HA Transit gateways. Only to be used for Azure Route Server Integration. |
| Learned CIDR Approval | Off and disabled by default. It is On by default (not editable) only when the Local Gateway you select has Learned CIDR Approval turned On, the Connection option is selected, and the BGP connection is selected. When this setting is On, an approval process is set up for gateway learned CIDRs for this BGP external connection. This approval process improves security for your network. If an unapproved CIDR address attempts to access the connection, CoPilot sends an approval email to the CoPilot admin so that the admin can approve or block access. |
| Connection | Click + Connection to add a new connection. Enter the Remote LAN IP (the IP address of the remote gateway) and the Local LAN IP (the IP address of the local gateway). |

  4. Click Save.

The new BGP over LAN external connection appears in the table.
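
The Learned CIDR Approval setting described above leaves the approve-or-block decision to an admin. The following sketch is an added example, not Aviatrix or CoPilot code, and it calls no product API. It shows one way to triage prefixes learned from a third-party appliance before approving them. The function name, the verdict labels, the matching rule (a prefix counts as approved only if it equals or sits inside an approved CIDR) and all sample prefixes are assumptions constructed for illustration.

```python
import ipaddress

def triage_learned_cidrs(learned, approved, local_cidrs):
    """Classify BGP-learned prefixes ahead of a manual approve/block decision.

    Hypothetical helper: returns {prefix: verdict}. Checks run in order, so a
    default route or an overlap with local address space is flagged even if an
    approved CIDR would otherwise cover it.
    """
    approved_nets = [ipaddress.ip_network(c) for c in approved]
    local_nets = [ipaddress.ip_network(c) for c in local_cidrs]
    verdicts = {}
    for raw in learned:
        try:
            # strict=True rejects prefixes with host bits set, e.g. 10.30.1.5/24
            net = ipaddress.ip_network(raw, strict=True)
        except ValueError:
            verdicts[raw] = "flag: malformed CIDR"
            continue
        if net.prefixlen == 0:
            # A learned default route would attract all otherwise unrouted traffic.
            verdicts[raw] = "flag: default route"
        elif any(net.version == l.version and net.overlaps(l) for l in local_nets):
            # A peer should not advertise address space that belongs to the local VPC/VNet.
            verdicts[raw] = "flag: overlaps local VPC/VNet range"
        elif any(net.version == a.version and net.subnet_of(a) for a in approved_nets):
            verdicts[raw] = "approved"
        else:
            verdicts[raw] = "pending"
    return verdicts

# Constructed sample data (not taken from any real deployment).
SAMPLE_APPROVED = ["10.20.0.0/16"]   # CIDRs an admin has already approved
SAMPLE_LOCAL = ["10.1.0.0/16"]       # address space of the local VPC/VNet
SAMPLE_LEARNED = [
    "10.20.0.0/16",      # exact match of an approved CIDR
    "10.20.5.0/24",      # more specific prefix inside an approved CIDR
    "0.0.0.0/0",         # default route
    "10.1.0.0/25",       # more specific prefix inside local address space
    "192.168.50.0/24",   # unknown prefix, needs an admin decision
    "10.30.1.5/24",      # host bits set
]

if __name__ == "__main__":
    for prefix, verdict in triage_learned_cidrs(
            SAMPLE_LEARNED, SAMPLE_APPROVED, SAMPLE_LOCAL).items():
        print(f"{prefix:18} {verdict}")
```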