I've upgraded some of my devices to 6.2.1 recently and tested the SD-WAN feature and ran into a funny issue with VPN's.
In the SD-WAN I have four interfaces added, two are my underlay physical interfaces (MPLS and INTERNET) and the other two are the overlay VPNs on these interfaces (VPN-MPLS and VPN-INTERNET).
I've noticed that any SD-WAN rules that reference the VPN interfaces show up in the policy based routes but don't have any interfaces in the 'To' column. The SD-WAN rules that have the underlay interfaces show up correctly.
As such none of the SD-WAN rules that I have actually work as no interfaces show up. Attached screenshot shows the SD-WAN rule that references the VPN interfaces as empty, while the one above it referencing the underlay interfaces correctly.
Wondering if anyone had this same problem?
All good found the issue. The performance SLA I had for the VPN SD-WAN rules was not met (server was down), so the route was in the policy routing table but had no interfaces in it. As soon as the SLA was good the interfaces got populated correctly.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1735 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.