Fortigate SD WAN Rule

hi,

one of the use cases of sdwan is to do exactly what you are experiencing, meaning use of failover link or loadbalacing of traffic.

if you want to only use a single interface for traffic, either remove the other interface from sdwan config or if you want only certain traffic to use only a single interface and not the other one, try using policy routes for that.

Hi, the goal you are trying to achieve is not possible with standard SD-WAN setup. The SD-WAN has Implicit rule at the very bottom of the SD-WAN rules which includes all SD-WAN-enabled interfaces, and it  cannot be disabled, and will always be failover to ISP2 if 1st ISP goes down. 

To suggest the options it would help to know your use case of both ISP links and SD-WAN rules (do you use SD-WAN rule to route different traffic to both ISPs?) usage . May be you don't need SD-WAN in the 1st place...

Hi @Yurisk and @funkylicious ,

Thanks for the response.

I'm just trying to build a separate network monitoring of our ISP's

I have 2 SD WAN rule and a firewall policy created for both our ISP.

scenario:

Ping 8.8.8.8 outgoing int ISP1

Ping 1.1.1.1 outgoing int ISP2

if ping to 8.8.8.8 goes down, no failover should occur, so that my network monitoring tool can catch the traffic, and vice versa.

any thoughts or recommendations would be much appreciated.

Thanks.