I have two questions
First Question
I have two internet links which big different in BW ( 200M Link and 10M Link ) , i want SDWAN strategy to to allow voice traffic to be primary on 200M link and backup on 10M while all other traffic has no backup
Second Question
What is the behaver for SDWAN rule manual strategy if all member is down , is the traffic will be dropped or it will going to next rule even the next it the implicit rule
Running on 6.4.6 version
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Dear Ahmed-hassan,
Thank you for posting to the Fortinet Community Forum.
Problem description:-
You want all the voice traffic to go out from 200M link and for backup you want 10M only for voice traffic. For other traffic it should always go from 200M link
Please create a SDWAN rule and select the necessary ISDB and application and use manual method to sent the traffic from 200M and if 200M is down by default it gets route from 10M link.
Since if 200M is down by default only one default route will be active from 10M and even for other link it will be route via 10M link
Q) What is the behaver for SDWAN rule manual strategy if all member is down , is the traffic will be dropped or it will going to next rule even the next it the implicit rule
A)It will be matching the default implicit rule and will work on the basic of load balancing algorithm configure over there
Let us know if this helps.
Thanks
Thanks for your reply
for the 1st question
May be i dont explain it well, i will all internet traffic ( included Voice ) to go through 200M and if 200M link is down , only voice traffic will be routed to 10M while other traffic should be dropped
As i know if i create manual strategy primary 200M & secondary 10M for voice then 200M be down then voice traffic will go 10M but all other traffic will match in implicit rule which will find 10M active
How can i avoid all other traffic to be routed to 10M
for the 2nd question , i totally got it thanks
There is no deny action in SDWAN rule and it is not matching any of the sdwan rule then by default it will match the default implicit rule and even other traffic will start flowing from 10M link
Thanks
Hi,
In your static routes (which I am assuming you use), configure only the static routes for your voice traffic over the 10M link. Do not configure a default route with "SDWAN" enable, rather only use the 200M link.
Use a SDWAN rule with the method of your choosing for the voice traffic and select both the 200M and the 10M links. This way failover can occur for this traffic.
If the 200M link were to fail the performance SLA, no route for the internet traffic is available through the 10M link and as such, internet traffic will not be forwarded through that link.
Regards,
Hello Vignesh,
Thanks for your reply, its really good solution but the problem actual for the "voice subnets" which actually unknown as i planned to use ISDB for microsoft teams for it so i can not do static routing for it
hi ,
did you try policy route to drop the traffic.
mahesh
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1705 | |
1093 | |
752 | |
446 | |
230 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.