Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor

Redundant interfaces - 40C

we have a multiple internet ISP and i want to configure Dual internet connections (redundant Internet connections). But when i try the below command its shows error output. (gwdetect) # edit wan1 invalid unsigned integer value: wan1 value parse error before ' wan1' Command fail. Return code -651 Please suggest the solution.. Thanks, Jugeshwar Mahto
Esteemed Contributor III

Apparently, the action ' edit' is not valid here. You are very short on information, OS version?, which menu you are in etc. but if you want to check what can be done at this point, just enter a question mark (' ?' ). Most probably, you can ' set' a variable but not ' edit' a subsection here.


"Kernel panic: Aiee, killing interrupt handler!"
Ede"Kernel panic: Aiee, killing interrupt handler!"
Valued Contributor III

How about:
 login as: admin
 admin@' s password:
 Fortigate-1 $ config system interface
 Fortigate-1 (interface) $ edit wan1
 Fortigate-1 (wan1) $ end
 Fortigate-1 $ exit

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at:

Bob - self proclaimed posting junkie!See my Fortigate related scripts at:
New Contributor

or CLI: config router gwdetect edit wan1 # give a list of IPs that all have to be down in order to invalidate routes via this If. set server next edit wan2 set server next end exit (please note; that the IPs listed [in the FortiOS versions we tend to use, others may differ] will also bias the gwdetect servers down the links for other non-gwdetect traffic. Either by way of a hidden global policy-based-route or a forced forwarding-information-base (ie, the next hop cache) entry [we' ve not figured out quite how, but the proof was validated in our testing]. Hence why the above list is set to similar but different IPs (examples are google DNS and OpenDNS DNS IPs that are geographically dispersed (despite being singular IPs)). The default gwdetect mechanism is PING (you can see this by doing a ' show full-configuration' while within ' config router gwdetect' ).

This is actually in the wrong forum, needs to be moved to the FortiOS section. This forum is specifically for Antivirus related questions. To quickly address the question, Richard' s method is what you would use for 5.0 and below. In 5.2 we have a new Virtual WAN link that takes care of all this for you. You add the two WAN interfaces along with the IP you want it to ping for healthcheck reasons, and then put in the loadbalancing config you want. Cheers!
-- Sean Toomey, CISSP FCNSP Consulting Security Engineer (CSE) FORTINET— High Performance Network Security
New Contributor III

Agree with Sean. Good to see that you prefer CLI the old Cisco way but this requirement would be met easily with GUI. You can configure No of Pings / Timeouts etc.

Ahead of the Threat. FCNSA v5 / FCNSP v5

Fortigate 1000C / 1000D / 1500D


Ahead of the Threat. FCNSA v5 / FCNSP v5 Fortigate 1000C / 1000D / 1500D
Top Kudoed Authors