I'm new to configuring sdwan with bgp, I've worked on both separately very well but have found it difficult to integrate them together. The scenario is as follows:
I want SDWAN communication between 2 Fortigate with 4 site to site ipsec VPNs and BGP routing. Neither of the 2 is hub or spoke so the ADVPN functionality I think does not fit in my scheme. Basically it would be a SPOKE-SPOKE or HUB-HUB communication if we see it in some way.
FGT 1 -------- 4 VPN in SDWAN --------------- FGT2
The idea is that it works as it does with static routing; when a link is degraded by packet loss it switches to the next link and vice versa when the primary link improves it returns the traffic.
I have tried to follow the guide below:
https://docs.fortinet.com/document/fortigate/7.0.0/sd-wan-self-healing-with-bgp/559415/overview
But most of the documentation you find refers to HUB-SPOKE or ADVPN. I have tried to make adjustments to make it HUB-HUB but the configuration has not worked for me.
Does anyone have any recommendations or guidelines?
You need to add the vpn interfaces to a sdwan zone, otherwise you can't choose them for routing.
You can do one zone with wan and vpn or two zones, one for vpn one for wan. Depends on your exact scenario https://mobdro.bio/ .
There are configuration guides as you said. If siu have specific questions regarding those or are not sure of what to do need to do, I would advise to hire a consultant.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1739 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.