heyyo
Explorer III
August 9, 2024
Question

Wildcard FQDN on SDWAN Rules


Is it possible to use Wildcard FQDN on SDWAN Rules?

I am only seeing KBs related to firewall policy and wildcard FQDN:

https://docs.fortinet.com/document/fortigate/6.4.8/administration-guide/217973
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Using-a-wildcard-FQDN/ta-p/196118

Is this the reason why the traffic is not working as expected, because the wildcard FQDN cannot be used on SDWAN rules? I am currently on 6.4.x.

Thank you!

2 replies

xshkurti
Staff
August 9, 2024

@heyyo 

You can use FQDN in sdwan rules. But they need to be resolved by FortiGate.

You might have a different issue that is reflected in your traffic steering.

heyyo
Author
Explorer III
August 11, 2024

Hi @xshkurti, thanks for this. I will check this further. I also wanted to highlight that I am using WILDCARD FQDN, not just FQDN, and as I understand this should work as expected. Thanks!

mle2802
Staff
August 9, 2024

Hi @heyyo,

Yes, you can do that. However, the IP is updated only when a DNS query is made from a host connected to FortiGate.