Hello,
I have a FortiWifi 60D and 2 ISP lines - 1A and 2B
All my users traffic flows through line 1A
when I define a rule to flow their traffic from LAN1 to 2B. it doesnt work at all.
Whenever i define a Policy Route it works but i lose some functionality.
i have line 1A defined in static route table as 0.0.0.0/32 to 0.0.0.
and line 2B - x.x.x.x/32 to ISP IP HOP
could line 1A definition be a problem?
moreover, i tried defining a VIP for line 2B - x.x.x.x mapped to my LAN1
yet i received an error "duplicate entry" - which i found nothing that resembles that entry i was trying to configure.
im kind of lost here,
thanks.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
policy routing = rule based routing = policy based routing (PBR)
hi,
I cannot really see what you're asking. Traffic to the internet follows the default route which is "0.0.0.0/0" , not "/32". This is no actual subnet but a wildcard matching all routes. If your default route points to wan1 then all users will use wan1.
You use a PBR to divert traffic away from the default route. You can match the source address, the service or the destination address in a PBR.
If you want to use both WAN ports equally you would define an identical second default route for wan2.
So, please clarify what your goal and your question is. If you want instructions, please state your firmware version.
Thanks for the answer, ill clarify what im trying to achieve.
I'm trying to achieve Load Balancing for a specific network.
I have 2 ISPs, as I have stated 1A (WAN1) and 2B (WAN2).
Currently both lines are defined as static route with the value 0.0.0.0/0
Both lines are set to equal weight.
However, No traffic flows through 2B. Even though I have rules defined to specific networks to use WAN2 and placed first in the sequence. I also tested it by disconnecting line 1A - no traffic.
Furthermore, when I defined PBR for that 1 specific network, I lost part of my services - like some users can get mails via Office365 and some don't (everything in Office365 - DNS/MX/Etc.. is defined correctly else it wouldnt work at all without LB)
I hope this is sufficient, I can provide more details if needed.
I've been redefing it from scratch this whole morning.
so far:
If I configure all my services and appropriate records to point to wan2 solely - works like a charm
if i do the same for wan1 - work great
when i try to define them both, in conjuction using the same configurtions and doubling up records - only wan1 works even if i define higher weight and priority.
Hi Dotix,
Make sure there are 2 default routes (via wan1 and wan2 both)
You can verify with command 'get router info routing-table details'
If you want both the routes to be active, you should have the distance of both the default routes to be same.
Coming to the priority, lower the priority, higher the privilege.
Say:
Wan1 default route : Distance : 10 ; priority 0 (default)
Wan2 default route : Distance : 10 ; priority 10
In the above case, only WAN1 route is used. However, the Wan2 route still there in the routing table, which can be used with policy based routes, VIP
Hope that helps.
Hi,
Thanks for the replies.
I've tried that - it doesn't work.
No matter what i've tried - the balancing doesnt work
Hello Dotix,
Could you please attach the config file?
Hi There,
If you disconnect one link and there is no traffic then it means there is definitely a misconfiguration. First make sure you each link works perfect on its own.
Thanks and Regards
C
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1713 | |
1093 | |
752 | |
447 | |
231 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.