Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
piligrimm
New Contributor

Can you give an example of using SD-WAN ZONE?

Hello,

updated our fortigate to version 6.4.1 (was 6.2)

there are new objects in the sd-wan zone. And I can't figure out how to apply them with firewall policy

 

could you please give an example: where there are two sd-wan zones and one of the zones is assigned to an outbound rule in the firewall

?

2 REPLIES 2
Anonymous
Not applicable

Hello

 

I hope these articles will help you

 

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Configuring-SD-WAN/ta-p/198257

 

also, this resourceful list encompasses all aspects of sdwan : design, deploy, tshoot

 

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Fortinet-s-Secure-SD-WAN-Resource-List/ta-...

akristof
Staff
Staff

Hi,

Just to add some information. SDWAN zones are just zones. Only difference is that in 6.2 you were able to to use each member of SDWAN is firewall policy separately. From 6.4, you will need to use zones to do it. Idea is, if you are mixing interfaces in SDWAN, for example internet access and VPN interfaces, you should create 2 zones. One for internet access and second for VPN and assign each interface based on the role. And then you can use SDWAN zones in firewall policies, static routes etc. If you will use only single sdwan zone, you will be forced to create 1 firewall policy for all interfaces, that can potentially allow leave corporate traffic via internet link, which is not best practice.

Adrian
Labels
Top Kudoed Authors