I have configured SD-WAN for the Internet links, and it has been working as expected for more than a year now. I have also recently configured the VPN tunnels (named SITE-A & SITE-B) in SD-WAN, and they are working as expected. However, at times, the Internet traffic takes a route via SITE-A or SITE-B. I understand this is because these 2 tunnels are also members of SD-WAN, hence it takes that route. Is there a way to tell the FortiGate to take the SITE-A & SITE-B routes ONLY if the traffic matches the remote sites' network segments (e.g. 172.16.0.0/24 & 172.17.0.0/24) and NOT for all the Internet traffic? I also see COST in SD-WAN, which by default is 0 for the WAN links. What cost should I set for a VPN tunnel when it is a member of SD-WAN?
Anand
Hi, would you mind sharing your FortiOS version?
Fortigate Newbie
FG-300D, v.6.4.0
Anand