Created on 12-28-2022 11:19 PM Edited on 12-28-2022 11:19 PM By Anthony_E
Description | This article describes how to use an automation stitch to shut down the WAN interface if SLA fails. |
Scope | FortiGate. |
Solution |
In this setup, port1 is the WAN interface.
1) Create Automation Action. Use CLI script to shut and unshut port1.
2) Create 2 separate Automation trigger, like that, when the SLA fail/success, the port1 is brought down/up.
Note. Both triggers have the same config.
3) Create Automation Stitch. When port1 SLA fails, port1 will be brought down. When port1 SLA success, then it will be brought up automatically.
4) Test Result. - port1 SLA failed. port1 shutdown automatically.
date=2022-12-29 time=10:51:33 eventtime=1672282293501050307 tz="+0800" logid="0113022933" type="event" subtype="sdwan" level="notice" vd="root" logdesc="SDWAN SLA notification" eventtype="Health Check" healthcheck="SLA8888FGT1" interface="port1" probeproto="ping" newvalue="dead" msg="SD-WAN health-check member initial state."
date=2022-12-29 time=10:51:34 eventtime=1672282294142945722 tz="+0800" logid="0100020099" type="event" subtype="system" level="warning" vd="root" logdesc="Interface status changed" action="interface-stat-change" status="DOWN" msg="Link monitor: Interface port1 was turned down"
- port1 SLA recover. port1 is brought up automatically.
date=2022-12-29 time=11:14:23 eventtime=1672283663466101195 tz="+0800" logid="0113022933" type="event" subtype="sdwan" level="notice" vd="root" logdesc="SDWAN SLA notification" eventtype="Health Check" healthcheck="SLA8888FGT1" interface="port1" probeproto="ping" oldvalue="dead" newvalue="alive" msg="SD-WAN health-check member changed state."
date=2022-12-29 time=11:14:21 eventtime=1672283661153971871 tz="+0800" logid="0100020099" type="event" subtype="system" level="warning" vd="root" logdesc="Interface status changed" action="interface-stat-change" status="UP" msg="Link monitor: Interface port1 was turned up" |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.