Description | This article describes how to enable application traffic with an SD-WAN rule in FortiGate. |
Scope | FortiGate. |
Solution |
For well-known applications, FortiGuard services and SD-WAN rules can be used to direct traffic per application or application category.
The visibility of application detection is disabled by default in the FortiGate GUI.
set gui-app-detection-sdwan enable
After enabling the functionality in the CLI, the field is visible for selecting applications, application categories, or groups of applications as SD-WAN rule destination criteria for IPv4 rules. If the functionality is not visible immediately after the change, it is requested to reload the page or log-out and re-logging into the FortiGate will bring back the feature visible.
For application-based SD-WAN steering, application control needs to be enabled in the firewall policy. It is possible to find more information about application control in Application control - FortiGate administration guide. |