I have a Fortigate with 2 ISP connections, and 2 firewall policies.
Firewall Policy 1 - to send traffic from internal LAN to ISP A (ID 6)
Firewall Policy 2 - to send traffic from internal LAN to ISP B (ID 12)
Right now Fortigate seems to always select Policy2/ISP B, even if I change the sequence of the policies.
The only way I can get it to use ISP A is to disable the port for ISP B.
I tried creating a static route to use ISP A, but that creates a whole different issue. Certain computers cannot connect to the internet and the Windows troubleshooter points to a DNS issue, while some computers have no problems at all. The few computers that had this problem were Windows 7. Not sure if that's a coincidence.
So my question is, is there another way for Fortigate to prioritize one Firewall Policy over the other?
Initially I did not have any Policy Route, because I had only one ISP. Routing was handled just by the Firewall Policy. Even now, I've disabled all Policy Routes because of the DNS issue but my internet connection still works. Is there something else that controls the route?
But here's the configuration. I created it to test if I could forward traffic to certain websites. It worked fine. But I've disabled it until I can resolve the Firewall Policy issue.
So basically, without Static Route and without Policy Route, I can still access the internet because the Firewall Policy takes care of that. I just need a way to make the "Internet - Maxis" policy as the preferred policy.