Skip to main content
jensthms
jensthms
New Member
July 14, 2019
Solved

SD WAN issue

  • July 14, 2019
  • 3 replies
  • 16158 views

I was trying to do SD WAN cofiguration in fortinet VM(6.0) in gns3 before going live in production. But i cant add members to SDWAN, it shows error FAILED DEPENDENCY. What could be the reason?. I also checked whether the interface adding is there in any policy. I can add one interface to SDWAN,when adding second one it shows failed dependency error.

    Best answer by Dave_Hall

    Possible suggestion:

    Add port2 to the SDWAN by itself and save that cfg then load an unencrypted backup copy into a text editor and add port3 to the SDWAN members.  Load that back into the fgt vm - try to monitor the console output while it is booting and/or perform diagnose debug config-error-log read at the CLI after you gain access the console.

     

    The above method is ugly in my opinion, but may work.  I recall an old bug from the 4.3/5.0 days where just doing something in the GUI causes certain interfaces to "become dependence".  That said, as a suggestion it maybe remotely possible that this problem is browser related - try using a different browser.

     

     

     

    3 replies

    hubertzw
    hubertzw
    New Member
    July 15, 2019

    Check routing and firewall policies, VPN, etc.

    jensthms
    jensthmsAuthor
    New Member
    July 15, 2019

    i checked that..interfaces are not linked in any of those sections(ipv4 policy,vpn,routing etc) Iam configuring it from scratch..

    Toshi_Esumi
    SuperUser
    Toshi_Esumi
    SuperUser
    July 15, 2019

    Get in CLI and "show | grep -f INTERFACE_NAME"

    If it doesn't show anything other than the interface config, you might need to reboot it.

    jensthms
    jensthmsAuthor
    New Member
    July 18, 2019

    I also checked whether it is referenced anywhere but cant find anything.

    Leen
    Leen
    New Member
    July 18, 2019

    backup your fortigate and use a text editor to scan through the backup text file.

    items to look for

    - port 9 HA enabled

    - ntp setup on interface

    - user that has the interface on it's gui defined

    Dave_Hall
    Dave_HallAnswer
    New Member
    July 18, 2019

    Possible suggestion:

    Add port2 to the SDWAN by itself and save that cfg then load an unencrypted backup copy into a text editor and add port3 to the SDWAN members.  Load that back into the fgt vm - try to monitor the console output while it is booting and/or perform diagnose debug config-error-log read at the CLI after you gain access the console.

     

    The above method is ugly in my opinion, but may work.  I recall an old bug from the 4.3/5.0 days where just doing something in the GUI causes certain interfaces to "become dependence".  That said, as a suggestion it maybe remotely possible that this problem is browser related - try using a different browser.

     

     

     

    jensthms
    jensthmsAuthor
    New Member
    July 18, 2019

    I also checked the above things. But same issue. Attaching the config file below.

    Terms & ConditionsAccessibility statement