Skip to main content
wws
wws
New Member
April 1, 2025
Question

Dual WAN traffic shaping

  • April 1, 2025
  • 1 reply
  • 650 views

New FortiGate admin here.  We have two internet connections.  I'm looking to shape traffic so specific connections prefer WAN2, while everything else prefers WAN1.  Criteria would need to include connections to outside servers (both ingress and egress) that could be specified by IP or FQDN, as well as by protocol (eg. SIP).

 

And, when either WAN connection drops, the traffic would need to fail over to the available WAN interface.

 

I'm not finding good documentation on accomplishing this.  Any help would be appreciated!

1 reply

AEK
SuperUser
AEK
SuperUser
April 1, 2025

You are probably looking for SD-WAN.

You may start here:

https://docs.fortinet.com/document/fortigate/7.6.2/administration-guide/889544/sd-wan-quick-start

AEK
wws
wwsAuthor
New Member
April 4, 2025

SD-WAN looked like it would do the trick, but would also be quite a bit more setup work and quite a bit of over-kill.

 

I wound up going with Static Routes to set WAN1 as the general-preference and WAN2 for failover, and then doing very simple Policy Routes to push VoIP and other specific traffic towards WAN2.

 

Basically static route scenario #3: 

https://docs.fortinet.com/document/fortigate/7.6.2/administration-guide/360563/dual-internet-connections

 

and then a policy route, but just internal address, destination address and gateway filled in:  

https://docs.fortinet.com/document/fortigate/7.6.2/administration-guide/144044/policy-routes

Terms & ConditionsAccessibility statement