Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Telcovisionamos
New Contributor II

Change member interface to another SD-WAN zone

Hi everyone

I have a fortigate 300E. I updated a few month ago, but, this update It generated another zd-wan zone. I explain myself better. In this moment I have two wan interfaces, these interfaces must be along the same sd-wan zone, but, both are separated. I would like to correct this but I'm not sure the best way to do it. 

5 REPLIES 5
sidewaysguy14

If you have the SD-WAN zone created, you should be able to select that zone when editing the SD-WAN member.  If I'm understanding you correctly, you should be able to resolve this by editing the SD-WAN member and selecting the zone you want to use. 

Secure all the things!
Telcovisionamos

Thanks for answer, in fact, one of the interfaces doesn't permit add to another member because of has been used in policies, NAT etc. At the time that I wish add interface to correct sd-wan zone, the fortigate doesn't permit. 

sidewaysguy14

I see what you are saying.  That is correct you will not be able to add the member if it is used in a policy.  So the key thing is that the interface needs to be removed from the policies.  If the traffic on those policies is fine to use the existing member in the SD-WAN Zone, then swapping in the zone on the polices to free up the interface object would be one way to handle this.  I'm not sure how big or complex your config is, but this should be okay to start as a configuration.  As your SD-WAN interface will have the default route, don't forget to check if there are static routes for the interface moving in as a member.  

Secure all the things!
Telcovisionamos

Thanks for the answer.

sidewaysguy14

No problem @Telcovisionamos!

Secure all the things!
Labels
Top Kudoed Authors