This article describes how to identify the type of each configured policy route in the policy route table.
Scope: FortiGate.
Three types of policy routes are displayed in the Policy Route Table: regular policy routes, ISDB routes, and SD-WAN rules. The following command lists them:
diagnose firewall proute list
list route policy info(vf=root):
id=1(0x01) dscp_tag=0xfc 0xfc flags=0x0 tos=0x00 tos_mask=0x00 protocol=0 sport=0-0 iif=5(port3) dport=0-65535 path(1) oif=3(port1) gwy=192.0.1.254
source(1): 0.0.0.0-255.255.255.255
destination(1): 0.0.0.0-255.255.255.255
hit_count=0 last_used=2023-08-26 10:06:57
The entry above is a regular policy route (ID<65535).
id=2113929219(0x7e000003) static_route=3 dscp_tag=0xfc 0xfc flags=0x0 tos=0x00 tos_mask=0x00 protocol=0 sport=0-0 iif=0(any) dport=1-65535 path(1) oif=3(port1) gwy=192.0.1.254
source wildcard(1): 0.0.0.0/0.0.0.0
destination wildcard(1): 0.0.0.0/0.0.0.0
internet service(1): Fortinet-FortiGuard(1245324,0,0,0,0)
hit_count=0 last_used=2023-08-26 10:06:31
The entry above is an ISDB route (ID>65535 and no vwl_service field).
id=2130771969(0x7f010001) vwl_service=1(internet) vwl_mbr_seq=1 dscp_tag=0xfc 0xfc flags=0x0 tos=0x00 tos_mask=0x00 protocol=0 sport=0-65535 iif=0(any) dport=1-65535 path(1) oif=4(port2)
source(1): 0.0.0.0-255.255.255.255
destination(1): 0.0.0.0-255.255.255.255
hit_count=1 last_used=2023-08-26 10:07:51
The entry above is an SD-WAN rule (ID>65535 and the vwl_service field is present).
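The classification rule above can be applied to a saved copy of the command output when auditing which rule type steers traffic out of which interface. The following Python sketch is an added example, not Fortinet code: the function names are hypothetical, the sample is the output shown above with the source/destination lines left out, and an ID of exactly 65535 is reported as "unknown" because the article does not cover it.

```python
import re

# Constructed sample: the three entries shown above (source/destination lines omitted).
SAMPLE = """\
list route policy info(vf=root):
id=1(0x01) dscp_tag=0xfc 0xfc flags=0x0 tos=0x00 tos_mask=0x00 protocol=0 sport=0-0 iif=5(port3) dport=0-65535 path(1) oif=3(port1) gwy=192.0.1.254
hit_count=0 last_used=2023-08-26 10:06:57
id=2113929219(0x7e000003) static_route=3 dscp_tag=0xfc 0xfc flags=0x0 tos=0x00 tos_mask=0x00 protocol=0 sport=0-0 iif=0(any) dport=1-65535 path(1) oif=3(port1) gwy=192.0.1.254
internet service(1): Fortinet-FortiGuard(1245324,0,0,0,0)
hit_count=0 last_used=2023-08-26 10:06:31
id=2130771969(0x7f010001) vwl_service=1(internet) vwl_mbr_seq=1 dscp_tag=0xfc 0xfc flags=0x0 tos=0x00 tos_mask=0x00 protocol=0 sport=0-65535 iif=0(any) dport=1-65535 path(1) oif=4(port2)
hit_count=1 last_used=2023-08-26 10:07:51
"""

ENTRY_START = re.compile(r"^id=(\d+)\(0x[0-9a-fA-F]+\)")
FIELD = re.compile(r"\b(vwl_service|iif|oif|gwy|hit_count)=(\S+)")

def classify(route_id, has_vwl_service):
    """Apply the article's rule; 65535 itself is not covered by it."""
    if route_id < 65535:
        return "regular"
    if route_id > 65535:
        return "sd-wan" if has_vwl_service else "isdb"
    return "unknown"

def parse_proute(text):
    """Return one dict per entry: id, type, and a few routing fields."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        m = ENTRY_START.match(line)
        if m:
            entries.append({"id": int(m.group(1))})
        elif not entries:
            continue  # header line before the first entry
        # Continuation lines (hit_count, ...) belong to the latest entry.
        entries[-1].update(FIELD.findall(line))
    for e in entries:
        e["type"] = classify(e["id"], "vwl_service" in e)
    return entries

if __name__ == "__main__":
    for e in parse_proute(SAMPLE):
        print(e["id"], e["type"], e.get("oif"), e.get("gwy", "-"), e["hit_count"])
```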