We have a Data center (DC) and a Central Location (HQ).
For a redundancy we have 4 separate lines:
- 2 are direct leased lines, which I want to use for a primary connection;
- 2 are trough Internet and I would like to use them as a backup connection.
I have implemented the IPSec between all points and I am using BGP.
The question is how to achieve maximum bandwidth usage and redundancy in the same time?
Should I:
1. Use IPSec aggregate or SDWAN on the primary and secondary interfaces?
2. How to make sure the secondary is used only in case secondary goes down? In my current setup I tried to use BGP with communities, but still there is traffic on all interfaces.
3. I have to add move remote locations with, each with one primary and one backup line. If I put them into the same SDWAN, whenever the primary goes down the packets are sent to the other members in the same SDWAN, is this a normal behavior?
Solved! Go to Solution.
Hi Satory,
The policyr rules are configured in zone sdwan destination. You don't use interface name. It's more simple.
For the priority in the SDWAN member, i think this link will interested you.
If you have multiple link, SDWAN will simplify your configuration.
Best regards,
on the Hub, 1 zone with all member line. and in your policy you have only 1 zone, but you can filtered with source/dst network
Will try this in Monday and will give a feedback :)
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1735 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.