We have two ISP uplinks connected to a 100F firewall. One is 500 Mbps and another is 100 Mbps. The management wants to route the business apps through the fast link and use the slow one for the guest/lunchroom WiFi. That one is pretty easy.
However, they also would like to limit the bandwidth available to the guest network in case the primary fails and everything has to go through the 100M pipe. Say, limit the guests to 10Mbps. If the backup line fails it's fine for the guest WiFi to have no Internet.
I know how to do traffic shapers and apply them to the rules, but how do I set it up so that it only applies in the case of the failover and does not limit guests to 10Mbps all the time?
Hope someone has stumbled upon this before :)
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
One single thing comes to mind right now, in order of how to automate this.
Using automation stiches, configure one to look for a ForitOS event like Interface link status changed and then as a action, just issue the CLI commands that will actually create a firewall shaping policy for the wifi users and limit the traffic.
I think that you can do the reverse and remove the policy when the interface comes up.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1712 | |
1093 | |
752 | |
447 | |
231 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.