Wan link sharing in redundant SDWAN design

Forum|Forum|7 years ago
April 5, 2019
1 reply
3945 views

Hi All

I am at initial phase of a SDWAN deployment. I will have dual FWs in branches. I can connect my internet connection as full mesh to my fortigates. However my mpls provider is proving only one physical connection with /30 subnet. So i can connect it only to one device. Can i do some magic to make fortigates to share my mpls link for sdwan?

lobstercreed

New Member

The only way I know of is to add a switch in between. It does add a single point of failure but you're already looking at that with the provider's setup. This is what we do, as our ISP's only give us one port each.

mahesh_secure

New Member

Hi

as mentioned by @lobstercreed

you need fortiswitch or any other l2 switch that support stacking.

create a vlan in switch and add 3 port to that vlan in access mode.

example:

port 1

port2

port3

in vlan 2 with access mode. connect MPLS to port 1 and from port 2 to 1st firewall and port3 to 2nd firewall

Regards

Mahesh

ozzy1903Author

New Member

But ISP is giving me /30. Will firewalls share the only one available IP?

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded