Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Ahmed-hassan
New Contributor II

SDWAN rule backup for certain traffic only

I have two questions 

 

First Question

I have two internet links which big different in BW ( 200M Link and 10M Link ) , i want SDWAN strategy to to allow voice traffic to be primary on 200M link and backup on 10M while all other traffic has no backup 

 

Second Question

What is the behaver for SDWAN rule manual strategy if all member is down , is the traffic will be dropped or  it will going to next rule even the next it the implicit rule 

 

Running on 6.4.6 version

6 REPLIES 6
sjoshi
Staff
Staff

Dear Ahmed-hassan,

 

Thank you for posting to the Fortinet Community Forum.

 

Problem description:-
You want all the voice traffic to go out from 200M link and for backup you want 10M only for voice traffic. For other traffic it should always go from 200M link

 

Please create a SDWAN rule and select the necessary ISDB and application and use manual method to sent the traffic from 200M and if 200M is down by default it gets route from 10M link.

 

Since if 200M is down by default only one default route will be active from 10M and even for other link it will be route via 10M link

 

Q) What is the behaver for SDWAN rule manual strategy if all member is down , is the traffic will be dropped or it will going to next rule even the next it the implicit rule
A)It will be matching the default implicit rule and will work on the basic of load balancing algorithm configure over there

 

Let us know if this helps.

 

Thanks

Let us know if this helps.
Salon Raj Joshi
Ahmed-hassan
New Contributor II

Thanks for your reply

 

for the 1st question 

May be i dont explain it well, i will all internet traffic ( included Voice ) to go through 200M and if 200M link is down , only voice traffic will be routed to 10M while other traffic should be dropped 

As i know if i create manual strategy primary 200M & secondary 10M  for voice then 200M be down then voice traffic will go 10M but all other traffic will match in implicit rule which will find 10M active 

 

How can i avoid all other traffic to be routed to 10M 

 

for the 2nd question , i totally got it thanks 

 

sjoshi

Hi Ahmed-hassan,

 

There is no deny action in SDWAN rule and it is not matching any of the sdwan rule then by default it will match the default implicit rule and even other traffic will start flowing from 10M link

 

Thanks

Let us know if this helps.
Salon Raj Joshi
vponmuniraj
Staff
Staff

Hi, 

 

In your static routes (which I am assuming you use), configure only the static routes for your voice traffic over the 10M link. Do not configure a default route with "SDWAN" enable, rather only use the 200M link. 

 

Use a SDWAN rule with the method of your choosing for the voice traffic and select both the 200M and the 10M links. This way failover can occur for this traffic. 

 

If the 200M link were to fail the performance SLA, no route for the internet traffic is available through the 10M link and as such, internet traffic will not be forwarded through that link.

 

Regards,

Vignesh
Ahmed-hassan

Hello Vignesh, 

 

Thanks for your reply, its really good solution but the problem actual for the "voice subnets" which actually unknown as i planned to use ISDB for microsoft teams for it so i can not do static routing for it 

mahesh_pm
New Contributor III

hi ,

 

did you try policy route to drop the traffic.

 

mahesh

Cheers,
Cheers,
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors