Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Routing Traffic through SD-WAN
Have a fortiGate device with two different ISPs connected via SD-WAN. I would like to route all social media traffic (netflix, hbo, facebook, etc...) out the ISP connected that has less bandwidth and keep the faster pipe for work related items. However, if anyone of the connections goes down...automatically route all traffic out the "up" connection.
How do you use policy route to route the social media traffic out the slower pipe?
How do you use policy route to route the social media traffic out the slower pipe?
Labels:
- Labels:
-
Next Generation Firewall
3 REPLIES 3
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
From my point of view, you can't do it easier.
What is your FortiOS ?
Since FortiOS 5.6, you can make policy routing based on FQDN (be carefull, FQDN only and not wildcard FQDN). Maybe check is needed if you can do it based on "internet services" on FortiOS 6.X (not possible in 5.6).
Best regards,
Yohann
From my point of view, you can't do it easier.
What is your FortiOS ?
Since FortiOS 5.6, you can make policy routing based on FQDN (be carefull, FQDN only and not wildcard FQDN). Maybe check is needed if you can do it based on "internet services" on FortiOS 6.X (not possible in 5.6).
Best regards,
Yohann
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Norman,
Under "Network" >> "SDWAN Rules" you can specify rules based on Protocol and Service Type, or you can specify based on "Internet services" like Amazon AWS, Facebook-web, Facebook-watsapp etc. For each rule you can specify the WAN interface to access the internet. ie you can specify which all services can be access through each interface.
A user can be made to access Microsoft Outlook through WAN1 and Facebook through WAN2 with SDWAN Rules. This may serve your purpose. So checkout SD WAN Rules before Policy routes.
Check out
https://help.fortinet.com/fos60hlp/60/Content/FortiOS/fortigate-networking/SD-WAN/Configuring_SD-WAN_rules.htm
------------------------------
Regards,
Kirthy
------------------------------
-------------------------------------------
Original Message:
Sent: 04-05-2019 01:29
From: Norman Snowden
Subject: Routing Traffic through SD-WAN
Have a fortiGate device with two different ISPs connected via SD-WAN. I would like to route all social media traffic (netflix, hbo, facebook, etc...) out the ISP connected that has less bandwidth and keep the faster pipe for work related items. However, if anyone of the connections goes down...automatically route all traffic out the "up" connection.
How do you use policy route to route the social media traffic out the slower pipe?
Under "Network" >> "SDWAN Rules" you can specify rules based on Protocol and Service Type, or you can specify based on "Internet services" like Amazon AWS, Facebook-web, Facebook-watsapp etc. For each rule you can specify the WAN interface to access the internet. ie you can specify which all services can be access through each interface.
A user can be made to access Microsoft Outlook through WAN1 and Facebook through WAN2 with SDWAN Rules. This may serve your purpose. So checkout SD WAN Rules before Policy routes.
Check out
https://help.fortinet.com/fos60hlp/60/Content/FortiOS/fortigate-networking/SD-WAN/Configuring_SD-WAN_rules.htm
------------------------------
Regards,
Kirthy
------------------------------
-------------------------------------------
Original Message:
Sent: 04-05-2019 01:29
From: Norman Snowden
Subject: Routing Traffic through SD-WAN
Have a fortiGate device with two different ISPs connected via SD-WAN. I would like to route all social media traffic (netflix, hbo, facebook, etc...) out the ISP connected that has less bandwidth and keep the faster pipe for work related items. However, if anyone of the connections goes down...automatically route all traffic out the "up" connection.
How do you use policy route to route the social media traffic out the slower pipe?
Regards,
Kirthy
Regards, Kirthy
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
SDWAN rules are the solution, you can specify policy routes based on applications to achieve your needs.
Regards
Rony
------------------------------
Rony Moussa
Fortinet NSE Certified: Level 8
------------------------------
Regards
Rony
------------------------------
Rony Moussa
Fortinet NSE Certified: Level 8
------------------------------
Rony Moussa
Fortinet NSE Certified: Level 8
Fortinet NSE Certified: Level 8
Rony MoussaFortinet NSE Certified: Level 8
