ADVPN/SDWAN using single WAN interface on hub

Question

I'm new to Fortinet gear and SDWAN so please have mercy. I'm trying to setup new gear using ADVPN and SDWAN for redundancy and load balancing. The issue is that all documentation has 2 WAN links for the hub and unfortunately we only have 1 per datacenter. Each spoke has two WAN links and we would like both to be able to pass traffic to the datacenter at the same time. I know how to just adjust the route weight on each link to have a primary and failover but we would really like to use SDWAN to have both of them work at the same time.

emnoc · Answer

One way , you could build 2vpns and then you can add these into a SDWAN zone

e.g

hub1. ISP-----------spoke1-ISP-A

hub1. ISP-----------spoke1-ISP-B

two two interfaces will be tied into a SDWAN zone

config system sdwan

set status enable

config zone

edit "sdwan-spoke1"

config members

edit 1

set interface "spoke1-A"

set zone "sdwan-spoke1"

set interface "spoke1-B"

set zone "sdwan-spoke1"

Just remember you need routing or routes, a dynamic routing protocol would do great here. We use SPOKE for all of our spokes and private AS#

Just keep in mind you can have upto 512 members in fortios 7.0

Ken Felix

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded