Hi,
we have a FG100F cluster and are using 3 x WANs to balance our traffic with SD WAN. This configuration is like at least 4 years old and it worked fine but now we get more and more user problems accessing different URLs (e.g ariba.com from SAP) and at the end we have to put more and more adresses in another SD WAN Rule to access only with WAN A. We have now like 10 URLs como exception and I am worried that we are getting more and more.
Is there any way to change or adapt the SD Wan for this problems?
Thanks!
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello,
Just to check, please make sure that FortiGate has access to DNS and FortiGuard. Sometimes, if you have ISP specific DNS, if it goes via another ISP, DNS might fail. Please check this article, check especially fortiguard and dns section:
No we still have the problem, also we got 2 new pages yesterday which we had to include in an exception. I dont know if they are all government sites but it seems that lately they activated this kind of protection to check the source IP.
We still have to check the option in SD WAN > Max Bandwith and Source Destination if this will help us.
Thanks
It will absolutely help you. The problem is today clients are being load balanced across all your WAN links even for the same connections to the same server and the servers are getting upset becuase the source IP keeps changing for the session.
Hi,
but how can I configure a basic rule like my "balancing rule" for most of my traffic with source destination? I can only see the option in my implicit rule where I can choose Load Balancing Algorithm. In all other rules above I dont get the option?
Thanks
Well which rule is the SAP traffic hitting? Is it the implicit rule or some other rule? Just change your implicit rule to soure-dest load balancing for now and work from there..
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1733 | |
1106 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.