DamianLozano
New Member
August 16, 2019
Question

Some users load balance to new ADSLs

  • August 16, 2019
  • 2 replies
  • 7284 views

Hello,

I currently have a FortiGate 100E with firmware 5.6.6. It has 3 different internet connections (Wan1, Wan2 and Port1).

These 3 ISPs have static routes with the same distance and priority, and I have some policy routes for specific traffic.

I need to add 2 additional ADSLs (Port2 and Port3). I need to configure it so that specific IPs can access the Internet only through either of these 2 new ADSLs (load balance), and keep the others going out as they do now.

For example: I need to load balance 172.20.4.128/25 between port2 and port3, and keep the other traffic as it is now.

I have created an SDWAN, configured both interfaces and added them to the SDWAN.

The FortiGate does not allow me to create a policy route with the SDWAN.

Which is the better way to accomplish the task?

Is the only way to add a static route for the SDWAN with the same distance and priority as the other ISPs and use IPv4 Policies to select which local IP goes out through which interface?

Any other suggestion? (with or without SDWAN)

Thanks in advance.

Regards,

Damián

    2 replies

    Dave_Hall
    New Member
    August 16, 2019

    Are you creating these rules under SD-WAN Rules?

    DamianLozano
    New Member
    August 16, 2019

    I have not created any rules yet.

    I just wanted to know which is the better way to accomplish what I mentioned.

    I think SD-WAN Rules are for sending some traffic through a particular SD-WAN member, which so far I don't need to do; I just need to load balance the traffic that should go out through the SD-WAN.

    Thanks

    Regards

    Damián

    orani
    New Member
    August 16, 2019

    You can make two IP pools with the overload option and your port 2 and port 3 public IPs. Then create the address groups needed for the internal machines that you want to pass through these two lines. Create a rule from internal to SD-WAN with those addresses as source and destination any. Enable NAT and choose "use dynamic ip pool", then add to the dynamic pool the two objects that you created in the first step.

    This should route your traffic from those interfaces.