Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Vird
New Contributor

Fortigate 50E, use static WAN from one of the dual ISP

Hello, I have a Fortigate 50E which I placed 2 ISP's in both WAN1 and WAN2 and using them both to load balance. One of my ISP has a static WAN Address, which is WAN 2. I am trying to setup SSH to my server so I can connect remotely, I port forwarded my server IP in the ISP modem(WAN 2) but upon looking into canyouseeme.org it shows the WAN address of my other ISP(WAN 1) and sometimes shows the WAN 2 address. My question is how can I set it in Fortigate that it only uses WAN 2 public static address so that I can remotely connect to the server?

2 REPLIES 2
aksingh
Staff
Staff

Hello,  It looks there is two default routes so ECMP gets trigger and outgoing traffic from the server takes sometime WAN1 and sometime WAN2  ISP. You can create a policy route if you want to traffic via a specific ISP ( WAN2 ), also configure VIP with external interface as WAN2 for VIP. Please refer below link on the same scenario, hope it will be helpful

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Access-to-an-internal-server-using-a-VIP-v...

 

Regards,

seshuganesh
Staff
Staff

Hi Team,

 

 

May i know who is updating this record "canyouseeme.org" to wan1 or wan2?

I believe they are not pointing correctly.

You can use fortiddns with unique domain name, and keep interface as wan2 which will resolve your issue:

https://docs.fortinet.com/document/fortigate/7.2.0/administration-guide/685361/ddns

Please check and keep us posted