I have 2 links connected to my firewall. I have 1 server that I want to receive external connections for these 2 links.
Imagine the following situation:
Link 1 - IP 200.10.10.10 - GW: 200.10.10.1
Link 2 - IP 189.10.1.10 - GW: 189.10.10.1
Firewall Default Gateway: 200.10.10.1
If you receive an internet connection to IP 200.10.10.10, the return will happen normally, because Default Gateway is Link1 (200.10.10.1), but if I receive a connection in the IP of Link 2 (189.10.10.10) there will be no return because Default Gateway is Link 1. Is there any way I can get connection through the 2 links and have the correct return?
I saw many issues here at the Forum on outbound traffic, but I did not find incoming traffic.
I remember that in Linux there was like using the Mangle table, but in Fortigate I can not imagine what it would be like.
Thank you very much.
This is likely due to the routes. For this scenario, you need to configure both routes with the same distance, but the priority being different.
If the distances are different, only one of the routes appears in the route table. When they are the same, both appear but only the one with higher (lower numerical) priority will be used. It's important both routes are in the route table for this scenario.
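The selection rule described in the reply above, as an added example that is not part of the original thread and is not FortiOS code: a simplified Python model of which static routes are installed and which one is used. The interface names `wan1`/`wan2` and the distance and priority values are assumptions; the gateways are the ones from the question.

```python
"""Simplified model of the distance/priority rule from the reply above.
Illustration only; this is not how FortiOS is implemented."""
from dataclasses import dataclass


@dataclass(frozen=True)
class StaticRoute:
    dst: str       # destination prefix
    gateway: str
    device: str    # interface name (wan1/wan2 are assumed names)
    distance: int  # lowest distance wins a place in the routing table
    priority: int  # among installed routes, the lowest number is used


def routing_table(configured):
    """Per destination, keep only the routes with the lowest distance."""
    table = []
    for dst in sorted({r.dst for r in configured}):
        same_dst = [r for r in configured if r.dst == dst]
        best = min(r.distance for r in same_dst)
        table += [r for r in same_dst if r.distance == best]
    return table


def preferred(table, dst="0.0.0.0/0"):
    """Among installed routes for dst, pick the lowest priority number."""
    return min((r for r in table if r.dst == dst), key=lambda r: r.priority)


def devices_with_route(table, dst="0.0.0.0/0"):
    """Interfaces that have an installed route for dst."""
    return sorted(r.device for r in table if r.dst == dst)


def two_links(distance_wan2, priority_wan2):
    # wan1 values (distance 10, priority 1) are assumed for the example.
    return [
        StaticRoute("0.0.0.0/0", "200.10.10.1", "wan1", 10, 1),
        StaticRoute("0.0.0.0/0", "189.10.10.1", "wan2",
                    distance_wan2, priority_wan2),
    ]


if __name__ == "__main__":
    for label, routes in (("different distance", two_links(20, 1)),
                          ("same distance, different priority", two_links(10, 10))):
        table = routing_table(routes)
        print(f"{label}: installed={devices_with_route(table)} "
              f"preferred={preferred(table).device}")
```

With different distances only `wan1` has a default route in the table; with equal distances both links do, and `wan1` stays the preferred one.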
blade_ander wrote: I have a similar need, did you get this to work?
I have 2 links connected to my firewall. I have 1 server that I want to receive external connections for these 2 links. Imagine the following situation: Link 1 - IP 200.10.10.10 - GW: 200.10.10.1 Link 2 - IP 189.10.1.10 - GW: 189.10.10.1 Firewall Default Gateway: 200.10.10.1 If you receive an internet connection to IP 200.10.10.10, the return will happen normally, because Default Gateway is Link1 (200.10.10.1), but if I receive a connection in the IP of Link 2 (189.10.10.10) there will be no return because Default Gateway is Link 1. Is there any way I can get connection through the 2 links and have the correct return? I saw many issues here at the Forum on outbound traffic, but I did not find incoming traffic. I remember that in Linux there was like using the Mangle table, but in Fortigate I can not imagine what it would be like. Thank you very much.
Hi all,
Sorry, new to Fortigate and trying to work out a problem, hence this late post on this chain.
I have a situation, two external WANs, both different IP scopes. I have a requirement that if our primary link drops can the public IPs of the primary WAN still be accessible via WAN2 and then through the firewall to the primary WAN interface. We have public facing servers that use NAT, all of the public IPs for them are on the primary WAN. But of course if the primary drops none of these are accessible even though external traffic can still get to WAN2.
Hope that makes sense.
Many thanks.