Adding another ISP and LAN

Forum|Forum|3 years ago
September 7, 2022
1 reply
1441 views

Hello there,

I've got Fortigate device with following configuration:
- wan1: Internet
- port1: LAN (vlans)

Now I'd like to connect another ISP to wan2 and new LAN (new network) to port 2.

Is this should all works? I never do this so I wonder if it works in that way.

Thank you in advance.
AErot

FortiGate

Best answer by akristof

Hello,

Of course it will work. You will just need to decide how the ISP lines will be used: do you want ecmp (load-balancing) or you want to have primary and secondary line. Example (for SDWAN, something similar can be achieved without SDWAN also):

https://docs.fortinet.com/document/fortigate/6.0.0/cookbook/990932/redundant-internet-with-sd-wan

And for second LAN, you will just need to couple of firewall policies to allow traffic and that's it.

akristofAnswer

Staff

Hello,

Of course it will work. You will just need to decide how the ISP lines will be used: do you want ecmp (load-balancing) or you want to have primary and secondary line. Example (for SDWAN, something similar can be achieved without SDWAN also):

https://docs.fortinet.com/document/fortigate/6.0.0/cookbook/990932/redundant-internet-with-sd-wan

And for second LAN, you will just need to couple of firewall policies to allow traffic and that's it.

aerotAuthor

Visitor III

@akristof - Great :) Thanks for your reply.
I heard and even used SDWAN in one network, but in this case I don't need it.

akristof

Staff

Hi,

That was just example :) without SDWAN, you can read this article, it does explain how FortiGate behaves with different priority/administrative distance and how it will affect routing:

https://community.fortinet.com/t5/FortiGate/Technical-Note-Routing-behavior-depending-on-distance-and/ta-p/198221

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded