Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Coady
New Contributor II

Created on ‎02-05-2024 06:43 AM Edited on ‎02-26-2024 03:18 AM By Community Manager

Issue with SD-WAN zones due to identical gateway IP

Good afternoon, 

We have a FG-60F with 2 SD-WAN zones. The first one for corporate use is connected to a single Starlink antenna. The second SD-WAN zone for client use is connected to 2 Starlink antennas. These 2 apply load balancing to maximize bandwidth. The problem is that we can't use both SD-WAN zones at the same time for their respective uses because the 2 Starlink antennas all use the same gateway IP 100.64.0.1. Whenever I set a static route 0.0.0.0 to use this IP it will only work for SD-WAN zone 1 or 2, not both

Can this be fixed using policy based routing instead of static routes? Or is there another way to get this to work correctly? Unfortunately, we're unable to change the gateway address of the Starlink devices.

 

Thanks in advance, 

Labels:
1659
0 Kudos
1 Solution
Coady
New Contributor II
In response to AEK

Created on ‎02-05-2024 07:34 AM

Thanks for the reply. Your solution does work indeed (as this is how we previously had it setup). The problem is that traffic needs to be setup over the SD-WAN zones as described above, this is due to data limits on the connections. 

 

But I have managed to solve the issue by using Policy Based Routing instead of Static Routes. 

View solution in original post

1641
0 Kudos
3 REPLIES 3
AEK
SuperUser
SuperUser

Created on ‎02-05-2024 07:17 AM

Hello

I'm not aware of such issue, but one of the possible solutions may be to put all 3 interfaces in the same zone then manage their usage in SD-WAN rules.

AEK
AEK
1645
Coady
New Contributor II
In response to AEK

Created on ‎02-05-2024 07:34 AM

Thanks for the reply. Your solution does work indeed (as this is how we previously had it setup). The problem is that traffic needs to be setup over the SD-WAN zones as described above, this is due to data limits on the connections. 

 

But I have managed to solve the issue by using Policy Based Routing instead of Static Routes. 

1642
0 Kudos
Emandel
New Contributor II

Created on ‎02-05-2024 03:17 PM

Hi, I have some similar scenarios where ISP modem/router has the same subnet that internal LAN (192.168.0.x). My solution is create a VDOM to separate the WAN interface so the root VDOM doesn't know that ISP has the same subnet. Sure you can do the same and you will can get the SDWAN working with the VDOM link.

 

Regards.

1589
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.