Redundant topology with SD-WAN (MPLs + IPSEC)

Forum|Forum|5 years ago
September 29, 2020
1 reply
2707 views

Good morning everyone

I have a question that I don’t know if there is a solution, due to lack of knowledge in SD-WAN. I need to have a way to make my MPLS redundant through an IPSEC. I did this with SD-WAN and obitive a certain success, but here a problem arose, due to the poor quality of MPLS, often the traffic is routed to IPSEC; here I need this to happen only in cases of a fall or when the quality is really bad. I also test by making the manual SD-WAN Rules, but there comes the case that sometimes the MPLS runs out of traffic, but the interface remains on, requiring manual intervention.

I tested it with an IPSEC tunnel inside MPLS, but here I lose the QoS metrics

Is there any smart way out for this case? thanks in advance

I'm using fortios 6.4.2

nsec

New Member

Hi,

read this section (6.4.2) SD-WAN->Performance SLA->Link health monitor:

https://docs.fortinet.com/document/fortigate/latest/administration-guide/580649/link-health-monitor

--

n

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded