I have a FortiGate 60F connected to 2 FPOE248 switches via FortiLink.
WAN1 of the FortiGate connects to a router which provides connectivity to a private WAN, which is also the primary internet access. WAN2 connects to a cable modem that is intended to be a failover internet connection.
Port 1 is the gateway for the location's LAN. Port 2 is the gateway for the WiFi LAN. Port 1 is a member of OSPF and is receiving a default route. A policy route in the 60F is sending traffic from Port 2 out WAN2, so as to prevent the WiFi traffic from traversing the private WAN. All traffic was functioning as intended in this configuration.
As I have done before on other 60Fs, to allow the internet traffic from Port 1 to fail over to WAN2, I set up SD-WAN with WAN1 and WAN2 as members. Manual failover was set up with WAN1 preferred. I implemented IPSLA. At this point, despite WAN1 being the preferred interface, all traffic was exiting WAN2. Both interfaces showed up in the IPSLA. Removing WAN1 from the SD-WAN fixed the issue with Port 1 traffic exiting WAN2 when WAN1 was still up, but at this point WiFi traffic stopped working. I eventually had to bypass the 60F entirely to get WiFi restored.
Has anyone had an issue with SD-WAN and default routes from OSPF? I've used SD-WAN and policy routes before with no issues. Any thoughts?