New FortiGate admin here. We have two internet connections. I'm looking to shape traffic so specific connections prefer WAN2, while everything else prefers WAN1. Criteria would need to include connections to outside servers (both ingress and egress) that could be specified by IP or FQDN, as well as by protocol (eg. SIP).
And, when either WAN connection drops, the traffic would need to fail over to the available WAN interface.
I'm not finding good documentation on accomplishing this. Any help would be appreciated!
You are probably looking for SD-WAN.
You may start here:
https://docs.fortinet.com/document/fortigate/7.6.2/administration-guide/889544/sd-wan-quick-start
Created on 04-03-2025 05:00 PM Edited on 04-03-2025 05:00 PM
SD-WAN looked like it would do the trick, but would also be quite a bit more setup work and quite a bit of over-kill.
I wound up going with Static Routes to set WAN1 as the general-preference and WAN2 for failover, and then doing very simple Policy Routes to push VoIP and other specific traffic towards WAN2.
Basically static route scenario #3:
and then a policy route, but just internal address, destination address and gateway filled in:
https://docs.fortinet.com/document/fortigate/7.6.2/administration-guide/144044/policy-routes
User | Count |
---|---|
2549 | |
1356 | |
795 | |
646 | |
455 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.