Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
HDClown
New Contributor II

Redundant WAN - fall back to primary issues

FortiGate 60D with FortiOS 5.0.7 I have setup Dual WAN connection per this article: http://docs-legacy.fortinet.com/cb/html/index.html#page/FOS_Cookbook/Install_advanced/cb_install-dual-internet.html wan1 / primary connection is Cable Modem w/Static IP wan2 / backup connection is DSL with Dynamic IP I' ve followed the article exactly except under Router / Static / Settings / Dead Gateway Detection, I am using pingserver.fortinet.com for both wan1/wan2 and I' ve changed internal and failover to 2 for both connections as well. Note that I did NOT setup the redundant configuration to use ECMP. wan1 route is statically defined with distance of 10 and priority 0 wan2 being DHCP with route being pulled from gateway, the distance on wan2 interface is set to 20. I did not specify a priority for wan2 in CLI Failover from wan1 to wan2 works without an issue, but sometimes fallback to wan1 never occurs, or it takes a really long time to occur after wan1 comes back online. When the fallback never occurs, rebooting the device does the trick and it comes back up using wan1 again for outbound connections. I can' t find anything useful in logs so I' m a bit stumped on why the fallback never occurs or takes extended periods of time.
2 REPLIES 2
Ramesh_M
New Contributor

Hi, We have configured the same setup and working fine... Did you enabled icmp ping under router setting and the ping to gateways or any other ip... Common ip will ping if the wan1 went down with the help of wan2...

Ramesh M Technical Specialist - CCNA(Security), FCNSP, ACE, ASE, ITIL blogs.itzecuriry.in

Ramesh M Technical Specialist - CCNA(Security), FCNSP, ACE, ASE, ITIL blogs.itzecuriry.in
HDClown
New Contributor II

Under Router / Static / Settings I have ECMP Load Balancing Method set to Source IP Based. Under Router / Static / Settings / Dead Gateway Detection I have two entries, one each for wan1 and wan2. They are both dentical: Gateway IP - 0.0.0.0 Ping Server - pingserver.fortinet.net Default Protocol - ICMP Ping Ping Interval (seconds) - 2 Failover Threshold (Pings lost consecutively - 2 HA Priority - 1 For Dead Gateway Detection on wan1, which is static, should I change " Gateway IP" to the actual Gateway IP for the connection? For wan2, it' s DHCP, so I don' t know the gateway, what would I put here? Should HA priority be adjusted? I want to treat wan1 as active/primary and wan2 as passive/backup
Labels
Top Kudoed Authors