Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Lohith07
New Contributor II

Created on ‎02-04-2023 08:17 AM

Fortigate SDWAN with Active Passive connections

Hi,

 

We will be deploying 2 firewalls behind a GWLB on AWS. We now need to plan for integrating with the existing SDWAN connecting to on-prem locations. Can we have one firewall as active for few branches and the other one as active for the remaining. 

 

Can you please share if there is a reference document related to the requirement.

 

Thanks

Lohith

Labels:
818
0 Kudos
1 REPLY 1
gfleming
Staff
Staff

Created on ‎02-04-2023 08:19 PM

I'm confused. Do you have two firewalls in A-P? or are they independent and not clustered? Either way most likely of course you can do what you want.

 

It all comes down to routing and SD-WAN rules. If you have the routes to the destinations over both WAN (or in this case IPSec) interfaces then you just need to create the SD-WAN rules that make sense.

 

Can I be honest though? It sounds like what you are doing is overly complicated? Why are you trying to split it up the way you are?

Cheers,
Graham
797
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.