The change in the tunnel level BGP ASN is not reflected in the BGP peer for the EasyOnboarding process.

The change in the tunnel level BGP ASN is not reflected in the BGP peer for the EasyOnboarding process.

546
Created On 02/07/25 11:36 AM - Last Modified 06/14/25 01:44 AM


Symptom


  • The change in the tunnel level BGP ASN is not reflected in the BGP peer for the Easy Onboarding process.
  • The requirement is to have individual local BGP AS at each new site.
  • When attempting the configuration by visiting each branch site as detailed below, the BGP AS setting fails to work and BGP fails to activate.
SCM -> workflow -> Prisma SD-WAN Setup -> Branch Sites -> Choose a Site -> Scroll to Bottom -> Prisma Access Connectivity -> Edit Connectivity  -> Step 2 -> Dynamic Routing Options -> Edit -> Edit Remote Network Tunnel  -> SD-WAN BGP AS

Screenshot 2025-02-07 at 11.38.22.png

  • When the BGP fails and the tunnels are not formed it gives an error "Prisma Access Provisioning Status" as Failed. Screenshots are shown below

 

Error message

Environment


  • Prisma SD-WAN
  • BGP
  • Easy Onboarding

Cause


Software Issue.

Resolution


  1. The issue has been addressed in version 6.5.2.
  2. Upgrading to 6.5.2 will resolve the issue.
  3. As a workaround, Go to the SASE Connectivity illustrated below and adjust the local BGP AS for a site for a temporary fix.

    Screenshot 2025-02-07 at 12.32.24.png



    Other users also viewed:
    Actions
    • Print
    • Copy Link

      https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000HF0MCAW&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail