Hello,
updated our fortigate to version 6.4.1 (was 6.2)
there are new objects in the sd-wan zone. And I can't figure out how to apply them with firewall policy
could you please give an example: where there are two sd-wan zones and one of the zones is assigned to an outbound rule in the firewall
?
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Created on 01-12-2023 05:14 AM Edited on 01-12-2023 05:14 AM
Hello
I hope these articles will help you
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Configuring-SD-WAN/ta-p/198257
also, this resourceful list encompasses all aspects of sdwan : design, deploy, tshoot
Hi,
Just to add some information. SDWAN zones are just zones. Only difference is that in 6.2 you were able to to use each member of SDWAN is firewall policy separately. From 6.4, you will need to use zones to do it. Idea is, if you are mixing interfaces in SDWAN, for example internet access and VPN interfaces, you should create 2 zones. One for internet access and second for VPN and assign each interface based on the role. And then you can use SDWAN zones in firewall policies, static routes etc. If you will use only single sdwan zone, you will be forced to create 1 firewall policy for all interfaces, that can potentially allow leave corporate traffic via internet link, which is not best practice.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1696 | |
1091 | |
752 | |
446 | |
228 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.