Hello guys,
I wish someone will assist me or prove me right or disprove me.
Purchased few FG-40F units after an aggressive sales campaign that these new units are perfect solution for a small office and SD-WAN.
I see there's only one WAN port on the unit and unfortunately I can't add it to the virtual-wan-link.
It looks the firewall can only add lan2 and lan3 ports to SD-WAN. What's the point of having WAN port on the unit ?
With only 4 ports and one of them dedicated to the Fortiswitch link I'm limited.
Hi and welcome to the Forums. Seems you have a reference on the wan interface, maybe the default policy lan->wan. Try to delete this policy and all other references (e.g. ssl vpn) the you where able to put the wan port to the sd-wan interface.
________________________________________________________
--- NSE 4 ---
________________________________________________________
Thank you, Marcus! That was it. I normally check policies for interface utilization but this time I totally neglected.
It is FGT factory default that there is one switch that has port 1-n and has an internet policy via the WAN port(s).
Basically you can add any interface to sd-wan as long as it doesn't have reference(s). That is because if you add an interface to sd-wan it does no longer exist as an own interface for use in policies etc because you want to use sd-wan instead then.
--
"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1738 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.