Addition of existing Interfaces with references to new SD-WAN zone
Just seeking some confirmation here. We have a fortigate cluster with the following model/version:
Currently, we have 2 Internet links in use with no SD-WAN configuration. We would like to implement SD-WAN for these 2 links. Each interface in question has approximately 40 references in the following config sections:
System Interface (site-to-site tunnel)
VPN IPsec Phase 1 Interface (seems to be same as above)
VPN SSL Settings
I would like to know which, if any of there references are not required to be removed before the interface can be available for inclusion into the SDWAN zone. Additionally, after the interfaces have been successfully added, based on your experience, should there be any expected issues adding back the individual interfaces to any of the configs we removed them from (eg. VIPs)? Also, given the OS version and build stated at the top of this post, are there any limitations in the usage of the SDWAN zone in further configurations eg. static routing (the idea is to have a default static route pointing to the SDWAN zone as the next hop).
Is there any way to execute this procedure by saving the config file and making the edits via a text editor, then restoring the edited config? Rather than the arduous task of removing and restoring references via the GUI?
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.