Issues with SDWAN

Question

I have two internet connections and am using SD-WAN with a 75% - 25% session load algorithm.  I'm having issues with certain financial websites because my outbound NAT IP is changing in the middle of a browsing session.  For example, a user goes to www.bank.com with the WAN1 address and after logging into the website the FortiGate starts using WAN2 to for www.bank.com.  The website detects a new IP address and logs the user out.  This happens even though WAN1 and WAN2 are both up.  I know I can build a SDWAN rule to force the interface for connections to www.bank.com but this only seems to be happening on a couple of my Foritgate units.  I don't have this problem everywhere, so I'm curious if anyone else has run into this issue.

GDiFi · Answer

What is the method of load balancing you are using for SDWAN? If you could share the output from:

config system sdwan

show

This is be helpful. More than likely you have two links that are very similar in quality and have the SDWAN setup to best quality so it flips every time there is a slight change in who is primary.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded