My team has been deploying a lot of SDWan lately with DIA and Broadband circuits. We have a couple of sites that have frequently been reporting session disconnects from cloud-hosted applications and SIP phones that suddenly lose audio.
I asked the sites to start reporting the exact times so I could correlate their issues to events in the logs. So far, each reported event seems to correlate to SDWan changes. Digging in deeper, neither of the circuits seems to be dropping, just falling outside the defined SLA values.
Each time it was reported, I checked the active sessions on the firewall for the impacted phones and saw the destination interface being used didn't match the interface SDWan was preferring at the time. This leads me to believe the SDWan decisions are impacting existing connections.
If I have the "Update Static Route" slider enabled, and a circuit doesn't meet the defined SLA requirement, will it break existing connections by removing the route, but keep the sessions active in state?
When would a person want to enable this slider and when would they want to keep it disabled?
How are your SIP phones connecting across your WAN? Do you have an IPSec tunnel? Or is it going to the Internet somewhere? If it's using the Internet, you are likely doing NAT. When the SD-WAN SLA causes a new interface to be used, you will be establishing a new session with a new SNAT, and that will break SIP communications as it has to reconnect.
If you have an IPSec tunnel overlay, you can switch between WAN links seamlessly...