Good day everyone,
I'd be glad to hear your input on - what are benefits/disadvantages of IPSec site-to-site 2 tunnels between 2 Fortigates, each having 2 ISP links inside/outside SD-WAN membership? SD-WAN config including both ISP links for Internet clear traffic exists on both Fortigates. Both Fortigates run 6.4.4, all ISP links are of the same bandwidth.
I am not going to do Application/Destination-based load-balancing, basic ECMP load-sharing via OSPF/BGP running on both tunnels will be just fine.
Do I miss something ? Will it cause troubles to have SD-WAN and IPsec configs unrelated to each other (like IPSec packets coming via ISP A but replies being sent via ISP-B)?