I have two FortiGate units in standalone mode and both have asymmetric routing enabled. I would like to re-design my network so that asymmetric routing does not need to be enabled, since enabling it is a (very) bad security practice.
So, here is the diagram of the network. The FortiGates are not in a cluster. What happens is that the L3 switches load-balance the traffic that originates behind them in a round-robin fashion across WAN link 1 and WAN link 2. Traffic may go out using WAN link 1 and come back using the other WAN link. In order to overcome this, we enabled asymmetric routing (a long time ago) and it has been working since then, no issues. Today we want to re-design the network to avoid the use of asymmetric routing, since it's a bad security practice.
I came up with several designs, but I have doubts about every one of them:
1st design: Active-Passive cluster, both WAN links enter the same FortiGate unit, so no asymmetric routing enabled. The problem with this is that if the master FG unit fails, both WAN links fail and I have to go and manually move the cables to the slave FG.
2nd design: Active-Passive cluster, same as before, but with one WAN link in each FG unit. The problem with this is that I'm wasting a whole WAN link, and I MUST use both at the same time.
3rd design: Active-Active cluster, but here I have even more doubts, because I do not have real-world experience with active-active clusters and I don't see how it can address the asymmetric routing problem.
Any help would be appreciated, thank you in advance!