Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor

Dual Wan - Internal Failover not Working

Hi! Please Forgive my Bad and Poor English!!! I have a FG 60 (Fortigate-60 3.00,build8509,070705) with Dual Wan connection and one " LocalLan" . I Have Static IP in one of the ISP and Automatically Assigned (DHCP) in the other ISP (reserved in ISP to always use the same). I Setup a Dual Wan scenario with Link Redundancy as described in [link=][/link]. My goal was keep Internet Connection when one of the Wan Link is Down, and provide external access to services like Web, SMTP (with MX Balance) and Terminal Service Connections (I Have two " A" records pointed to my externals IPs) so I configured the same " Distance" between networks to provide Internal and External access. Also, I " UnCheck" the " Retrieve default gateway from server." checkbox to define " Interface Priority" in Cli (as shown below). Sometimes, when I loss connectivity from one of the Wan link, nobody can gain Access from Lan, but external traffic coming from " Working WAN Link" access is mantained and Working Fine. When Link is Back, I need to reset device to allow Outgoing traffic again (I have two policies allowing traffic from lan to wan1 and wan2. My Question is: FG OS support my needs? My settings are correct? It' s correct to receive the DHCP Default Gateway Option in DHCP Enabled WAN? If Yes, How I define Wan Priority? My relevant Settings: config router static edit 2 set device " wan1" set gateway set priority 2 next edit 3 set device " wan2" set gateway next end config system interface edit " internal" set vdom " root" set ip x.x.x.233 set allowaccess ping https ssh http set type physical next edit " dmz" set vdom " root" set ip x.x.x.1 set allowaccess ping https set status down set type physical next edit " wan1" set vdom " root" set mode dhcp set distance 10 set priority 2 set allowaccess ping set gwdetect enable set detectserver " x.x.x.1" set log enable set type physical next edit " wan2" set vdom " root" set ip x.x.x.125 set allowaccess ping https set gwdetect enable set detectserver " X.x.x.249" set log enable set type physical set description " Wan xxxxx" next end Thanks in Advance