Staff

Technical Tip: Automation Stitch to shutdown wan interface if SLA fails

Forum|Forum|3 years ago
December 29, 2022
0 replies
6239 views

Description

This article describes how to use an automation stitch to shut down the WAN interface if SLA fails.

Scope

FortiGate.

Solution

In this setup, port1 is the WAN interface.

Create an Automation Action that will shut port1.

Create the Automation trigger when the SLA fails, the port1 is brought down.

Create Automation Stitch. When port1 SLA fails, port1 will be brought down.

CLI reference:

config system automation-trigger

edit "trigger-port1DOWN"

set event-type event-log

set logid 22933

config fields

edit 1

set name "interface"

set value "port1"

set name "healthcheck"

set value "SLA8888FGT1"

config system automation-action

edit "port1DOWN"

set action-type cli-script

set script "config system interface

edit port1

set status down

end"

set accprofile "super_admin"

config system automation-stitch

edit "stitch-port1DOWN"

set trigger "trigger-port1DOWN"

config actions

edit 1

set action "port1DOWN"

set required enable

Test Result.

Port1 SLA failed. Port1 shuts down automatically.

date=2022-12-29 time=10:51:33 eventtime=1672282293501050307 tz="+0800" logid="0113022933" type="event" subtype="sdwan" level="notice" vd="root" logdesc="SDWAN SLA notification" eventtype="Health Check" healthcheck="SLA8888FGT1" interface="port1" probeproto="ping" newvalue="dead" msg="SD-WAN health-check member initial state."

date=2022-12-29 time=10:51:34 eventtime=1672282294142945722 tz="+0800" logid="0100020099" type="event" subtype="system" level="warning" vd="root" logdesc="Interface status changed" action="interface-stat-change" status="DOWN" msg="Link monitor: Interface port1 was turned down"

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded