Hi all,
im new in fortigate currently we use fortigate 60e and inside already config use wan1 from ISP setup by previous people, now the company just purchase new ISP from different ISP which is i need to add at WAN2 but after i follow the cookbook config i unable to connect the internet for wan2. can some one help me how can i config wan2?
in picture i already remove back the config
reference basic config:
https://docs.fortinet.com...ecting-network-devices
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi, and welcome to the forums You have to configure Wan2 accordingly to your new ISP settings (IP, Subnet) and you have to change the default route to the new (ISP) gateway. But be carefull, this will break your wan1 internet access and any policy that is going to wan1. What is the plan, to use both ISPs in the future? If so, maybe SD-WAN https://docs.fortinet.com/document/fortigate/6.2.0/cookbook/19246/sd-wan is an option for you. Anyhow, you have to change the config and policies anyway. For testing wan2 after you have setting up correctly, you can configure a route to a specific URi or host, let's say google.ch, make a policy and check if you can reach. For smooth migration, you can copy paste all the policies going to wan1 and change them to wan2 (having all then twice -> internal -> wan1 | internal -> wan2). Then you change the default route. If anything is working fine over wan2, you can delete the wan1 policies. Otherwise you change back the default route and you are fast back with internet access. You can also save a config backup and change all wan1 policies to wan2 with a text editor and upload the config. But this is not the best way if your box is in production. It will reboot the box and if there is some mistake, you probaly will break the access and/or your inet access.
________________________________________________________
--- NSE 4 ---
________________________________________________________
hi thanks for reply so to compromise ur explanation that means i need to do like this
after i finish this step
https://docs.fortinet.com/document/fortigate/6.0.0/cookbook/428376/configuring-interfaces
all the thing i need to do is routing and policy setting, and for internal setting is internal LAN right must create and assign ip for both diffrent ip?
INTERNAL -> WAN1
INTERNAL -> WAN2
after finish testing both connection then only i can start config for redundancy right?
Regards & Thanks
hi markus thanks for explanation last time i have sucefully point wan2 isp to fortigate 60e, but it still using wan1 as main internet unless wan1 down it will switch to wan2.
so here wan2 is backup unless i create wan load-balancing as you said before only then it will use both isp.
so next step is to create wan laod-balancing as i have to delete the routing and ipv4 policy then create new.
thanks again
regards
noor
________________________________________________________
--- NSE 4 ---
________________________________________________________
hi markus.
my problem is resolve now the internet has been sharing for both ISP.
for the rest lan port what the use ya?
can i setup the lan port as gateway?
Yes, this is correct...
________________________________________________________
--- NSE 4 ---
________________________________________________________
no, you just use your "internal" as already setup (just named it iternal, maybe you have another naming)
________________________________________________________
--- NSE 4 ---
________________________________________________________
no, you just use your "internal" as already setup (just named it iternal, maybe you have another naming)
________________________________________________________
--- NSE 4 ---
________________________________________________________
hai markus.
do i have to create internal lan for wan2 also ?
as i test using wan2 using internal port lan1&2 which is previous setup from another isp(wan1) can get internet.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1692 | |
1087 | |
752 | |
446 | |
228 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.