Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
ck8882
New Contributor

SDwan outgoing interface been selected wrongly in manual strategy

HI All,

 

 

Would like to help about the SDWAN interface path selection.

 

I did some testing in the lab. I found out Tunnel traffic is not outgoing like what we set in outgoing interface selection strategy manual.

 

From the routing table, we see the tunnel Is outgoing via VPN2, which is not match the setting in SDWAN rules outgoing interface selection strategy. In  outgoing interface selection strategy, we did select VPN1 as priority and second is VPN2, Also the SDWAN GUI is showing  VPN1 been selected is the 1st path to outgoing” However, when I run traceroute and sniffed packet, found the outgoing path is VPN2 instead. May I know would it a bug or something else cause it?

 

In the OSPF routing, we did check the priority is same for both tunnel. So we really have no idea which part cause the wrong outgoing path.

 

4 REPLIES 4
srajeswaran
Staff
Staff

Can you check if you are hitting known issue below

833399

Static routes are incorrectly added to the routing table, even if the IPsec tunnel type is static.

 

https://docs.fortinet.com/document/fortigate/7.2.2/fortios-release-notes/236526

Regards,

Suraj

- Have you found a solution? Then give your helper a "Kudos" and mark the solution.
abarushka
Staff
Staff

Hello,

 

I would recommend to check whether health check is configured and whether health check is green.

FortiGate
tthrilok
Staff
Staff

Hi,

 

Could you please check if there are any existing long time sessions already established on the firewall?

>> Is this you are seeing the behavior with every new session created?
>> Please check if you are already having any policy-based routes in the firewall?

ck8882
New Contributor

Hi all, 

 

thanks you guys information. issued is resolved