Skip to main content
talba
talba
New Member
January 31, 2024
Question

SD WAN configuration

  • January 31, 2024
  • 3 replies
  • 1253 views

Friends could give me their recommendations or suggestions for an SD WAN implementation.

In my fw it is planned to configure a sd wan, currently I have a WAN link that is associated with internet exit policies, publications and IPsec tunnels.

I was reading the KB since it will be the first time I will perform this configuration, however it is mentioned that I should eliminate all references to the WAN port.

If I delete everything I will not have access to the internet, the site to site tunnels will be down and the publications would be affected.

It is planned to perform this configuration remotely but if the policies are removed, I will not be able to access remotely.

Based on your experience, could you please give me recommendations to carry out this activity.

3 replies

sw2090
SuperUser
sw2090
SuperUser
January 31, 2024

you do have to remove all references from the wan (afaik except from IPSec tunnels). You cannot create an sdwan member from your wan if it still has references.

So you will not be able to reconfigure to sdwan without a downtime.

 

hbac
Staff
hbac
Staff
January 31, 2024

Hi @talba,

 

It is possible to migrate non-SD-WAN to SD-WAN. Please refer to this article: https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-add-the-interface-in-SD-WAN-member-without/ta-p/257907

 

However, a maintenance window is still recommended and it is better to have someone onsite just in case something goes wrong. 

 

Regards,

VinayHM
Staff
VinayHM
February 2, 2024

Hi @talba 

 

You can add or remove the interface from the sdwan, no need to alter or delete any reference.

Please follow the below article for the same.

https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-add-the-interface-in-SD-WAN-member-without/ta-p/257907

 

Regards,

Terms & ConditionsAccessibility statement