SDWAN feature for Internet and VPN IPsec trafic

Forum|Forum|8 years ago
March 12, 2018
1 reply
35685 views

Hello,

I am trying to know if it is possible to do SDWAN for Internet trafic and trafic going through two IPsec tunnels (the endpoint on the other side will be MX Meraki). The remote subnets for the two IPsec tunnels will be the same so if i am configuring static routes for this same subnet with as next hop the two tunnel interfaces (route-based vpn), I do not think I will be able to loadbalance the trafic, there will be always a preferred route and I will not have atcive-active links for VPN IPsec trafic. But with the SDWAN feature, maybe there is a subtility which can make this possible :) So the purpose is to loadbalance the Internet trafic and VPN trafic between the two WAN interfaces thanks to the SDWAN feature. Besides, I do not have a way to test it for the moment so this is just a theoritical question.

Thanks in advance,

Thomas

Best answer by ericli_FTNT

Hi Thomas_AA

Yes, you can config your two IPSEC link as active-active to load-balance your traffic by SD-WAN algorithm.

Please take a look at this document which is very helpful http://cookbook.fortinet....oyment-example-expert/

For detailed configuration, if you need, please put specific requirement and topology here. Keep in touch!

Thomas_AAAuthor

New Member

Hi everyone,

Anyone to help me on this question ? :(

Thanks in advance for your feedbacks :)

Thomas

ericli_FTNTAnswer

Staff

Hi Thomas_AA

Yes, you can config your two IPSEC link as active-active to load-balance your traffic by SD-WAN algorithm.

Please take a look at this document which is very helpful http://cookbook.fortinet....oyment-example-expert/

For detailed configuration, if you need, please put specific requirement and topology here. Keep in touch!

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded