Hello,
we are changing a FG Cluster to FG200F.
In the old config we have 2 x WAN Access and we devided the accesses with Poliy Routes + Policies.
Now we want to use SD WAN as Backup Failover and devide in a smarter way the traffic. So now I am not sure if we change our Policy Routing to SD WAN Rules? But some of the Policy Routing is also depending on LAN, DMZ and VPN, so I guess I will still need Policy Routes and for all outgoing traffic to SD WAN SD WAN Rules, no?
What is the best practice to have like Failover + 90-10% Balancing, the Implicit Rule?
Thanks!
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
In SD-WAN it has his own rule on which interface to be used, if you have any.
Hello RolandBaumgaerhner72,
If you want to combine Policy routes + SD-WAN , keep in mind that Fortigate fist process the policy routes and if there is no match then checks the SD-WAN . The KB bellow provides a useful information for the behaviour of Fortigate when policy routes +SD-WAN are configured :
https://community.fortinet.com/t5/FortiGate/Technical-Tip-FortiGate-Routing/ta-p/207197
Also keep in mind that if you want to configure a SD-WAN on your existing configuration , every new SD-WAN member should be not used anywhere in your configuration(no references ).
Best regards,
Fortinet
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1733 | |
1106 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.