Site A has 2 WAN & Site B has 1 WAN, I need to create ipsec site to site tunnel with tunnel 1 as prioroty 1 and tun2 as priority 2, is it possible, the requirement is the secondary tunnel will act as a HA

Forum|Forum|1 month ago
April 25, 2026
4 replies
55 views

both site with redundant WAN , i got it how to do , but with singel wan on 1 side i am in doubt, please advice?

ebilcari

Staff

Take a look at this article:

Emirjon

sjoshi

Staff

Hi @Jayakrishnan

Yes it is possible.

Once the IPSEC VPN tunnel is created then you can set the route priority and AD value to make one tunnel as primary and other as secondary

https://community.fortinet.com/fortigate-3/technical-tip-routing-behavior-depending-on-distance-and-priority-for-static-routes-and-policy-based-routes-99660

Thanks, Salon

sw2090

SuperUser

or use SDWAN VPN for that. Only disadvantage I found on this yet is that this creates a zone for your vpn which is pretty nice for e.g.routing. Unfortunately a zone cannot be member of a zone in FortiOS which extends my policies...

JayakrishnanAuthor

New Member

Thank you all, For your valuable suggestions & advice. let me create the tunnel and update you ASAP.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded