bamather
New Member
June 3, 2020
Question

ADVPN with SDWAN and adding Second HUB

I am working on configuring ADVPN with 1 internet connection at the HUB, and 2 internet connections at most of the branch locations. (Some will only have 1 internet connection.)

I currently do not have any route maps, so the routing table looks messy, but it works OK.

First question: Has anyone set this up already, and does my configuration setup look correct? I know it is working, but I am very new to FortiGate and BGP.

Second question: I cannot wrap my head around how I would prefer hub 1 to be used to build the shortcuts. Maybe it doesn't matter what hub is used and I am overthinking it. With Cisco DMVPN I would put a delay on the tunnel to the second hub, which would keep EIGRP from using it because it was a worse route. Do I need to do this with BGP? Is there such an option?

Spoke Config - https://pastebin.com/tw65NXWX

Hub Config - https://pastebin.com/eggvdUty

Hub2 Config - https://pastebin.com/KwvihNqP


bamather (Author)
New Member
June 8, 2020

Anyone ever done this?

RVTim
New Member
January 6, 2021

bamather, 

Did you ever get anywhere on this?  I've got something similar I'd like to do, and if you've done it, it would be great to get some insight.

I have this thread, with no replies, also:

https://forum.fortinet.com/tm.aspx?tree=true&m=192395&mpage=1

 

bamather (Author)
New Member
January 6, 2021

I did not get this to work as I wanted.  I did get it to work with 2 hubs but it is not true SDWAN as I did a primary and backup VPN connection to the hubs.  In my case I have a fiber and a cable/DSL to all my branch locations so SDWAN always picked the Fiber anyways for the IPSec VPN connection.