Fortigate 50E, use static WAN from one of the dual ISP

Forum|Forum|4 years ago
May 17, 2022
2 replies
1700 views

Hello, I have a Fortigate 50E which I placed 2 ISP's in both WAN1 and WAN2 and using them both to load balance. One of my ISP has a static WAN Address, which is WAN 2. I am trying to setup SSH to my server so I can connect remotely, I port forwarded my server IP in the ISP modem(WAN 2) but upon looking into canyouseeme.org it shows the WAN address of my other ISP(WAN 1) and sometimes shows the WAN 2 address. My question is how can I set it in Fortigate that it only uses WAN 2 public static address so that I can remotely connect to the server?

aksingh

Staff & Editor

Hello, It looks there is two default routes so ECMP gets trigger and outgoing traffic from the server takes sometime WAN1 and sometime WAN2 ISP. You can create a policy route if you want to traffic via a specific ISP ( WAN2 ), also configure VIP with external interface as WAN2 for VIP. Please refer below link on the same scenario, hope it will be helpful

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Access-to-an-internal-server-using-a-VIP-via-wan/ta-p/198754

Regards,

seshuganesh

Staff

Hi Team,

May i know who is updating this record "canyouseeme.org" to wan1 or wan2?

I believe they are not pointing correctly.

You can use fortiddns with unique domain name, and keep interface as wan2 which will resolve your issue:

https://docs.fortinet.com/document/fortigate/7.2.0/administration-guide/685361/ddns

Please check and keep us posted

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded