Technical Tip: Testing FortiGate originated ping traffic to follow SD-WAN rules
Description
This article describes how to test FortiGate’s execute ping command to help the self-originating traffic follows the existing implemented SD-WAN rules.
Scope
From version 6.2.4.
Solution
By default, self-originating traffic, such as Syslog, FortiAnalyzer logging, FortiGuard services, remote authentication, and others, relies on routing table lookups to determine the egress interface that is used to initiate the connection.
Policy routes generated by SD-WAN rules do not apply to this traffic.
To ping traffic, self-originating traffic can be configured to use SD-WAN rules:
https://docs.fortinet.com/document/fortigate/6.4.4/administration-guide/848980/self-originating-traffic
This article describes how to test FortiGate’s execute ping command to help the self-originating traffic follows the existing implemented SD-WAN rules.
Scope
From version 6.2.4.
Solution
By default, self-originating traffic, such as Syslog, FortiAnalyzer logging, FortiGuard services, remote authentication, and others, relies on routing table lookups to determine the egress interface that is used to initiate the connection.
Policy routes generated by SD-WAN rules do not apply to this traffic.
To ping traffic, self-originating traffic can be configured to use SD-WAN rules:
# execute ping-options use-sdwan {yes | no}Related document:
# execute ping6-options use-sd-wan {yes | no}
https://docs.fortinet.com/document/fortigate/6.4.4/administration-guide/848980/self-originating-traffic