Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Not applicable

Multiple Gateways

We have just upgraded to Version 2.8 of the Fortigate OS. We used to be able to have 2 gateways setup per static route as we have both a leased line and ADSL connection running at the same time. This feature no longer seems to be available, as we would like to do source routing and our web browsing traffic out our ADSL line. Can this still be done?
42 REPLIES 42
UkWizard
New Contributor

Yes it can be done, in this version you can do it within the gui now. Have a look at the ROUTER-->POLICY menu section. Then just create a policy to say web traffic use this default gateway.
UK Based Technical Consultant FCSE v2.5 FCSE v2.8 FCNSP v3 Specialising in Systems, Apps, SAN Storage and Networks, with over 25 Yrs IT experience.
UK Based Technical Consultant FCSE v2.5 FCSE v2.8 FCNSP v3 Specialising in Systems, Apps, SAN Storage and Networks, with over 25 Yrs IT experience.
Not applicable

We' ve tried this but when you do a tracert it goes to the firewall then to our ADSL Router then stops. Its as if the traffic goes out but can' t get back.
UkWizard
New Contributor

Make sure you have a policy rule that performs Nat, as it sounds like it isnt. if you are confident this isnt the case, try sniffing the traffic from the command line and see whether it is performing nat.
UK Based Technical Consultant FCSE v2.5 FCSE v2.8 FCNSP v3 Specialising in Systems, Apps, SAN Storage and Networks, with over 25 Yrs IT experience.
UK Based Technical Consultant FCSE v2.5 FCSE v2.8 FCNSP v3 Specialising in Systems, Apps, SAN Storage and Networks, with over 25 Yrs IT experience.
Not applicable

We' ve checked the rules and it NAT is checked. Is there any way of testing that its performing NAT?
UkWizard
New Contributor

Connect to the CLI and sniff the traffic on the external interface for http traffic, like so; diag sniff sniff external ' tcp 80' source should be the external IP of the corresponding connection.
UK Based Technical Consultant FCSE v2.5 FCSE v2.8 FCNSP v3 Specialising in Systems, Apps, SAN Storage and Networks, with over 25 Yrs IT experience.
UK Based Technical Consultant FCSE v2.5 FCSE v2.8 FCNSP v3 Specialising in Systems, Apps, SAN Storage and Networks, with over 25 Yrs IT experience.
Not applicable

I' ve run the sniffer and firewall appears to be doing NAT
UkWizard
New Contributor

Are you 100% confident that the ADSL is actually up and working ?
UK Based Technical Consultant FCSE v2.5 FCSE v2.8 FCNSP v3 Specialising in Systems, Apps, SAN Storage and Networks, with over 25 Yrs IT experience.
UK Based Technical Consultant FCSE v2.5 FCSE v2.8 FCNSP v3 Specialising in Systems, Apps, SAN Storage and Networks, with over 25 Yrs IT experience.
Not applicable

We thought that might be the case but you can tracert to it using and external tracert service. As we have just moved Leased Line providers we still have our old one working so I thought I would try it using that line, but we still get the same thing. You see the traffic going out, the response coming back but no website.
UkWizard
New Contributor

whats the outbound rules configuration ?
UK Based Technical Consultant FCSE v2.5 FCSE v2.8 FCNSP v3 Specialising in Systems, Apps, SAN Storage and Networks, with over 25 Yrs IT experience.
UK Based Technical Consultant FCSE v2.5 FCSE v2.8 FCNSP v3 Specialising in Systems, Apps, SAN Storage and Networks, with over 25 Yrs IT experience.
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors