FortiGate
gonzalezw
Staff
Article Id 341370
Description: This article describes how to set up ISP failover using static routing and a link health monitor.
Scope: FortiGate v7.x.
Solution
  1. Configure the WAN interfaces using manual IP assignment: go to Network -> Interfaces and assign an IP address to the first WAN interface (WAN1):

[Image: Failover1.jpg]

  • Repeat the same step for WAN2.
  • Enable the option that allows multiple interfaces in a single policy, so that separate WAN1 and WAN2 policies are not needed for traffic from LAN to WAN. Go to System -> Feature Visibility and enable 'Multiple Interface Policies':

[Image: Failover2.jpg]

  • Create a Firewall Policy under Policy & Objects -> Firewall Policy and select 'Create New'.

[Image: Failover4.jpg]

Note 1:

After enabling 'Multiple Interface Policies', multiple interfaces can be added to a single policy.

  • Configure the default routes that allow the failover under Network -> Static Routes and select 'Create New'.

[Image: Failover5.jpg]

Note 2:

When the distances are equal, both routes are included in the routing table, and the route with the lower priority value is preferred. The S* symbol marks the route that is currently the primary route to the internet.

[Image: Failover6.jpg]

If WAN2 is instead assigned a higher distance, its default route is removed from the routing table and is no longer usable. If the goal is to keep WAN2 available for specific routes, port forwarding (VIP), or management access, use the equal-distance, different-priority configuration described above.

[Image: Failover7.jpg]

The WAN2 default route has been removed and is no longer available for use.
  2. Configure WAN interfaces using DHCP IP assignment: When the FortiGate WAN interface is connected to the ISP modem, it typically obtains an IP address from the modem's DHCP server. In this case the interface also receives the default gateway and DNS server information from the ISP. By default, this DHCP default gateway has a distance of '5' and a priority of '1'. If two default routes are set up as shown in the previous steps and the DHCP-learned route from the ISP modem is not taken into account, the firewall will prefer the DHCP route because of its lower distance and remove the other default routes from the routing table.

[Image: Failover8.jpg]

To keep one of the interfaces as a DHCP client and still achieve ISP failover, assign a higher distance to the other interface.
The basic ISP failover settings are now complete. These steps work when one of the WAN interfaces is physically or administratively shut down, but if internet service is lost at the ISP modem while the link itself stays up, failover may not occur. To avoid this, configure a link health monitor; to do so, follow this guide: link-monitor.
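The DHCP variant from step 2 together with the link health monitor the previous paragraph calls for, as FortiOS CLI. This is an added example, not configuration from the original article or from Fortinet. Assumptions: wan1 is the DHCP client and primary link, wan2 has a static address with gateway 198.51.100.1 (a documentation address), the probe target 192.0.2.1 is a placeholder for a reliable upstream host, and the monitor is assumed to withdraw the DHCP-learned default route on failure in the same way it withdraws configured static routes.

```fortios
# wan1 obtains its address and default gateway via DHCP. The learned default
# route takes the interface's distance and priority (article: 5 and 1).
config system interface
    edit "wan1"
        set mode dhcp
        set defaultgw enable
        set distance 5
        set priority 1
        set role wan
    next
end

# wan2 keeps a static default route with a higher distance than the DHCP route,
# so it stays out of the routing table until wan1's route is withdrawn.
# Route ID 2 and gateway 198.51.100.1 are assumed values.
config router static
    edit 2
        set dst 0.0.0.0 0.0.0.0
        set gateway 198.51.100.1
        set device "wan2"
        set distance 10
    next
end

# Link health monitor: ping a placeholder upstream address through wan1 every
# 500 ms. After 5 consecutive failures the routes on wan1 are withdrawn so wan2
# takes over; after 5 consecutive successes they are reinstated. This covers
# the case where the link to the modem stays up but the ISP side is down.
config system link-monitor
    edit "wan1-health"
        set srcintf "wan1"
        set server "192.0.2.1"
        set protocol ping
        set interval 500
        set failtime 5
        set recoverytime 5
        set update-static-route enable
    next
end
```

Check the monitor with `diagnose sys link-monitor status` and watch the default route move between wan1 and wan2 with `get router info routing-table all`. Choose a probe target that is reachable only through the ISP (not the modem itself), otherwise an upstream outage will not be detected.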
For further assistance reach out to the TAC support team.