Technical Tip: FortiView Secure SD-WAN Monitor
Description
This article describes the configuration needed to display data in FortiAnalyzer secure SD-WAN monitor.
Scope
FortiAnalyzer.
Solution
- A 'No Device Selected' message will appear if FortiAnalyzer does not receive the necessary SD-WAN logs.
- To display data in a secure SD-WAN monitor, the following requirements need to be fulfilled.
- SD-WAN rule needs to have a specify source address together with protocol number/internet service/application.
- SLA logging needs to be enabled on FortiGate health check and applied to SD-WAN Rules.
Sample configuration in FortiOS 6.4:
config system sdwan
config health-check
edit "ping"
set sla-fail-log-period 30
set sla-pass-log-period 60
next
end
end
- SD-WAN interface members should have configured with the 'WAN' role and 'Estimated bandwidth'.
- The firewall policy with the SD-WAN interface needs to log all sessions.
- Ensure that traffic is passing through the SD-WAN rules. Verify this with the FortiGate SD-WAN rules hit count.
- Ensure that FortiAnalyzer is receiving health check SLA status logs under Logview -> Event -> SD-WAN.
- Once FortiAnalyzer receives the logs, the Secure SD-WAN monitor will provide the device list with data present in each widget.
Notes:
- As of FortiAnalyzer version 7.4.7, the only configuration required in FortiGates to populate the devices under Secure SD-WAN Monitor is to have health-checks enabled alongside logging:
config system sdwan
config health-check
edit "HC_HUB"
set sla-fail-log-period 30
set sla-pass-log-period 60
Related articles:
Troubleshooting Tip: Troubleshooting the FortiManager SD-WAN monitor.
Technical Tip: Tabulating the data in the Application widgets in FortiView Secure SD-WAN Monitor.