Created on 08-21-2023 10:32 PM. Edited on 07-23-2025 01:03 AM. By Jean-Philippe_P
| Description | This article describes how the SD-WAN rule selects the interface to be used when employing the manual interface selection strategy. |
| Scope | FortiGate. |
| Solution |
On the FortiGate in this example, PORT 1 and PORT 2 are the ISP-facing interfaces, and PORT 3 is designated for LAN traffic.
PORT 1 - 10.47.2.32. PORT 2 - 10.47.18.32. Test machine IP - 10.119.3.61.
Here is the SD-WAN Rule setup.
Since PORT1 is ranked higher in interface preference than PORT2, the anticipated behavior is that the SD-WAN Rule, upon activation, will utilize PORT1 to route the traffic from 10.119.3.61 destined for the internet.
Now, if PORT 2 is placed above PORT 1 in the interface preference of the SD-WAN rule, the expected behavior is that PORT 2 is used to perform NAT for the outgoing internet traffic.
Here is the forward traffic log that would show that PORT 2 is used to translate the traffic going out.
Now, if PORT 2 goes down, PORT 1 will be used to perform NAT for outgoing traffic, even though PORT 2 is positioned above PORT 1 in the interface preference.
To test this, PORT 2 has been disabled.
Here is the screenshot that would show PORT 1 IP is used for NAT traffic going out.
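The rule tested above, written as FortiOS CLI. This is an added example, not configuration taken from the original article. It assumes FortiOS 7.x syntax and that the interfaces are named port1 and port2; the member IDs, the address object name, the rule name and the gateway placeholders are assumptions.

```fortios
# Address object for the test machine (object name is an assumption).
config firewall address
    edit "test-machine"
        set subnet 10.119.3.61 255.255.255.255
    next
end

config system sdwan
    set status enable
    config members
        # Member 1 = PORT 1 (10.47.2.32). Replace the gateway placeholder.
        edit 1
            set interface "port1"
            set gateway <ISP1_GATEWAY>
        next
        # Member 2 = PORT 2 (10.47.18.32). Replace the gateway placeholder.
        edit 2
            set interface "port2"
            set gateway <ISP2_GATEWAY>
        next
    end
    config service
        edit 1
            set name "manual-rule"
            # Manual strategy: the first member in the list that is up is used.
            set mode manual
            set src "test-machine"
            set dst "all"
            # PORT 2 listed first, so it is used while it is up.
            # If PORT 2 goes down, the rule falls through to PORT 1.
            # Use "1 2" instead to prefer PORT 1.
            set priority-members 2 1
        next
    end
end
```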
Additional information: When zone preference is configured in addition to interface preference, interface preference will supersede zone preference. The same underlying logic applies to zone preference, where the topmost interface is chosen for NATting the traffic.
For example:
The SD-WAN rule prefers the interfaces in the following order:
Related documents: Fields for configuring WAN intelligence