isaravia
New Member
July 30, 2021
Question

Split Separate WAN1 Traffic for Internal Port 2 in a FortiGate with an active SD-WAN


Hi guys

We have a FortiGate configured with 2 ISPs (wan1 and wan2). Right now, we need an internal port with just one ISP connection. We were trying to accomplish this, following these steps one by one:

1) Separate Internal port 2 from Hardware Switch

2) Create an Interface for internal port 2 with a different DHCP range.

3) Create a new VLAN

4) Set VLAN with WAN1 to Internal Port 2

5) Create a Policy Based Rule to set one Port (for example 8293) for the LAN.

It didn't work. How can I do this?

Thanks & Best Regards.

    1 reply

    akushwaha
    Staff
    July 17, 2023

    Hi,
    As I understand, you want your Internal Port 2 traffic to go via Wan1 only. You can achieve this by using SDWAN rules if you are using SDWAN.

    ++ Create an SDWAN rule and add Internal Port2 as source and destination as Wan1 port.
    ++ In Outgoing (Interface selection strategy) select Manual and in Interface preference add WAN1.
    ++ Also put this SDWAN rule above all rules.
    Please refer to the article below regarding SDWAN rules:

    https://community.fortinet.com/t5/FortiGate/Technical-Tip-Working-of-SD-WAN-rule-with-outgoing-interface/ta-p/192239


    Thanks and Regards,
    Abhimanyu
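
The SD-WAN rule described in the reply above, written out as CLI configuration. This is an added example, not part of the original thread or of the linked Fortinet article. It assumes FortiOS 6.4 or later syntax (`config system sdwan`), that Internal Port 2 is the interface `internal2`, and that wan1 and wan2 are already SD-WAN members 1 and 2; the rule id and name are hypothetical.

```fortios
# Assumed existing state: wan1 = SD-WAN member 1, wan2 = SD-WAN member 2.
# Check the real member ids first with: show system sdwan
config system sdwan
    config service
        # 10 is a hypothetical, unused rule id
        edit 10
            set name "internal2-via-wan1"
            # Manual interface selection strategy, as in the reply
            set mode manual
            # Match only traffic that enters on Internal Port 2
            # ("internal2" is an assumed interface name)
            set input-device "internal2"
            # Any source and destination address behind/beyond that port
            set src "all"
            set dst "all"
            # Interface preference: member 1 (wan1) only
            set priority-members 1
        next
        # Rules are evaluated top-down. If other rules exist, place this
        # one first, for example (1 = hypothetical id of the current top rule):
        #   move 10 before 1
    end
end
```

The SD-WAN rule only selects the outgoing member; a firewall policy from `internal2` to the SD-WAN zone is still required for the traffic to be allowed.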