This article describes the scenario when a user has enabled IPV6 in the FortiWeb but wants to use IPv6 static route.

Users configure the IPv6 static route, but the traffic is not sent by the port defined by the static route.

For instance, the default route to port1 is not taking effect.

# config router static
    edit 1
      set dst 0.0.0.0/0
      set gateway 10.0.0.1
      set device port1
    next
    edit 2
      set dst ::/0
      set gateway 2801:1f:8800:1001::1
      set device port1
    next
  end

Even when the static route is added to the routing table.

FWEB_SSF_BOG # diagnose network route list

0.0.0.0/0(none)->0.0.0.0/0(port1) via 10.0.0.1, pri 0 prot 2 scope 0
0.0.0.0/0(none)->10.0.0.0/26(port1) via 0.0.0.0, pri 0 prot 2 scope 253
0.0.0.0/0(none)->172.25.4.0/22(port2) via 0.0.0.0, pri 0 prot 2 scope 253
::/0(none)->2801:1f:8800:1000::/64(port2) via ::, pri 256 prot 2 scope 0::/0(none)->2801:1f:8800:1001::/64(port1) via ::, pri 256 prot 2 scope 0
::/0(none)->fe80::/64(port2) via ::, pri 256 prot 2 scope 0
::/0(none)->fe80::/64(port1) via ::, pri 256 prot 2 scope 0
::/0(none)->fe80::/64(port_tn) via ::, pri 256 prot 2 scope 0
::/0(none)->::/0(port2) via fe80::286:9cff:fefe:c01, pri 1024 prot 9 scope 0 ::/0(none)->::/0(port1) via 2801:1f:8800:1001::1, pri 1024 prot 2 scope 0

To fix this issue, enable  'set ip6-forward enable'.

If users want to use IPv6 static route, not just the IPv6 local link route, it is necessary to enable ip6-forward from CLI:

# config router setting
    set ip6-forward disable <----- Enable.
  end