FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Article Id 197556


This article describes FortiGate source-ping using SD-WAN rules.


FortiGate has 2 WAN links which are PORT1 and PORT2.
One IPsec tunnel is tested.

There is One SD-WAN rule and no performance SLA.
There is one default route.

FortiGate LAN is PORT3 which is
Use source IP has been configured to ping but fail. is PC on IPsec LAN.


Ping from LAN PC and able to ping because it will use SD-WAN rules.
Found that in Fortigate CLI, to let the interface IP to ping opposite, under 'ping-option', 'use-sdwan' needs to be configured as 'yes'.
Then FortiGate able ping to So it is not relate to performance SLA just the ping option on FortiGate only.