I have configured a new SD-WAN for VPNs. I removed the 2 old VPNs and all related objects in both FortiGates and created new ones.
The new VPNs are working when I go from a device inside my network in site 1 to another device in my network on site 2, and it is also working from a device inside my network in site 2 to another device in my network in site 1. The problem is when I ping from the FortiGate to a device in the remote network.
With a debug I saw that the traffic is going out using the public IP instead of the private IP.
How can I change the IP used to go out from the Fortigate to a device in the remote site?
I need this to add "Performance SLAs".
I tried to change the IP address on the IPsec interface, and using a specific gateway in the SD-WAN settings, still the same.
That sounds like a routing issue. The routing table is the very first thing that is looked at. It provides the "way", and then after this it needs to match some policy (which is probably not policy #0).
So if traffic hits the wrong interface, that mostly means either your route is incorrect or it does not exist at all on that FGT, because in the latter case it will then hit the default route.
"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams