I have 2 WANs with 2 different telcos on a 60E. I have tried to use a policy to only allow subnet A to use WAN 1 to access the internet via Telco A and subnet B to use WAN 2 to access the internet via Telco B. But I am not able to do that because the static route 0.0.0.0/0.0.0.0 is routed to WAN 2. Please advise whether there is a way, thanks.
Maybe setting up a 2nd default route for wan1 with a different metric/prio might help?
--
"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
Hi pg.ns,
Unfortunately Sebastian's suggestion won't work the way you want... it would only help in a failure of one ISP.
You need to use policy routing to achieve what you're looking for. However, it's important to note that you may black hole a subnet if that subnet's respective ISP fails without taking the link physically down. That may be fine with you, but just keep that in mind.
Here are some links that may help you:
https://kb.fortinet.com/kb/viewContent.do?externalId=FD31240
https://kb.fortinet.com/kb/documentLink.do?externalID=100116
- Daniel Hamilton
Well, maybe I was too unclear :)
I meant that additionally. Of course you also need a policy that allows traffic from this subnet to the internet only via the corresponding wan.
--
"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
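The setup discussed in this thread, sketched as FortiOS CLI. This is an added example, not part of any poster's reply and not taken from the linked KB articles. The interface names `lan_a` and `lan_b`, the subnets, the gateway addresses and the probe target are constructed placeholders, and the `#` lines are annotations for the reader.

```fortios
# Two default routes with the same distance so both stay in the routing table;
# priority only decides which one traffic without a policy route uses.
config router static
    edit 1
        set device "wan1"
        set gateway 192.0.2.1          # placeholder: Telco A next hop
        set distance 10
        set priority 5
    next
    edit 2
        set device "wan2"
        set gateway 198.51.100.1       # placeholder: Telco B next hop
        set distance 10
        set priority 10
    next
end

# Policy routes pin each source subnet to its own WAN.
config router policy
    edit 1
        set input-device "lan_a"       # hypothetical interface for subnet A
        set src "10.0.1.0/255.255.255.0"
        set dst "0.0.0.0/0.0.0.0"
        set output-device "wan1"
        set gateway 192.0.2.1
    next
    edit 2
        set input-device "lan_b"       # hypothetical interface for subnet B
        set src "10.0.2.0/255.255.255.0"
        set dst "0.0.0.0/0.0.0.0"
        set output-device "wan2"
        set gateway 198.51.100.1
    next
end

# Probe through wan1 so an ISP failure with the link still up is detected
# and the static route is withdrawn. Repeat with wan2 values for Telco B.
config system link-monitor
    edit "wan1-probe"
        set srcintf "wan1"
        set server "192.0.2.53"        # placeholder probe target
        set gateway-ip 192.0.2.1
        set update-static-route enable
    next
end
```

Firewall policies from `lan_a` to `wan1` and from `lan_b` to `wan2` are still required, and leaving out the cross-pair policies keeps each subnet from leaving through the other telco.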