I'm trying to improve my setup.
I have a new Fortigate units with 2 ISP: 1 primary and 1 backup under FortiOS 7.2.3.
So I followed this https://docs.fortinet.com/document/fortigate/7.2.2/administration-guide/431448/sd-wan-overview in order to add my wan1 and wan2 into virtual-wan-link. I configured a cost 0 on WAN1 and a cost 10 on WAN.
I added the default static route through virtual-wan-link. However, I cannot manage the distance and priority of this route and I'm not sure my VPNs (IPSEC + SSL) will continue to work.
When I created a VPN (without SDWAN), I used to create a static route to the VPN interface with a lower distance than my default route.
But now, I can only create a static route with the same priority. Will it work ?
I read this https://community.fortinet.com/t5/FortiGate/Technical-Tip-Configure-IPsec-VPN-with-SD-WAN/ta-p/20984... but not sure if it's mandatory ?
Unfortunately I cannot test right now. I need to create and prepare my setup before going into production. So i wonder if anyone already experiment a setup like mine:
- SD WAN primary/backup for WAN1 and WAN2
- SSL VPN / IPSEC / VIP on WAN1 ONLY
Do I need to configure something more or review my priority to get my VPNs working along my new SD Wan setup.
Let me know if you need more info or if it's not clear.