Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
RolandBaumgaertner72
Contributor

Policy Routes with SD WAN - Suggestions

Hello,

 

we are changing a FG Cluster to FG200F.

 

In the old config we have 2 x WAN Access and we devided the accesses with Poliy Routes +  Policies.

 

Now we want to use SD WAN as Backup Failover and devide in a smarter way the traffic. So now I am not sure if we change our Policy Routing to SD WAN Rules? But some of the Policy Routing is also depending on LAN, DMZ and VPN, so I guess I will still need Policy Routes and for all outgoing traffic to SD WAN SD WAN Rules, no?

 

What is the best practice to have like Failover + 90-10% Balancing, the Implicit Rule?


Thanks! 

 

 

 

 

 

2 REPLIES 2
spoojary
Staff
Staff

In SD-WAN it has his own rule on which interface to be used, if you have any.

https://community.fortinet.com/t5/FortiGate/Technical-Tip-SD-WAN-failover-between-two-three-WAN-inte...

Siddhanth Poojary
syordanov
Staff
Staff

Hello RolandBaumgaerhner72,

 

If you want to combine Policy routes + SD-WAN , keep in mind that Fortigate fist process the policy routes and if there is no match then checks the SD-WAN . The KB bellow provides a useful information for the behaviour of Fortigate when policy routes +SD-WAN are configured :

 

https://community.fortinet.com/t5/FortiGate/Technical-Tip-FortiGate-Routing/ta-p/207197

 

Also keep in mind that if you want to configure a SD-WAN on your existing configuration , every new SD-WAN member should be not used anywhere in your configuration(no references ).

 

Best regards,

Fortinet

.
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors