mike_dp
New Contributor

Reverse flow issues with SD-WAN

We are experiencing random reverse flow issues with SD-WAN. We have a Cisco UCCX that does a db replication to a remote site on port 1504. The traffic goes through either MPLS or IPSec VPN via SD-WAN rules (MPLS is #1 priority unless the SLA thresholds are reached), and since 6.4.4 the traffic coming back doesn't, and it causes issues in UCCX. Adding static routes fixes the issue, and packet captures show traffic not coming back.

 

Does anyone have related issues with SD-WAN and 6.4.4?

Fortigate : 80E, 80F, 100E, 200F, 300E : 6.4.6

FortiAnalyzer, ForticlientEMS

James_G
Contributor III

I have had the exact same issue and had to add static routes. The config has SD-WAN zones covering both MPLS and IPsec in one zone, with ISP connections in the other zone. Hardware is an FGT 100F with 6.4.4.

mike_dp

We have been using SD-WAN since it was first created, so we are still using one single zone. Good to know that having ISP in another zone doesn't change anything. I created a support case; maybe it's a known bug and 6.4.5 will fix it.
