Hello,

I have a Fortigate FG100D (5.2.8) configured with two WAN interfaces (with 2 different ISPs and a public IP for each). This Fortigate is configured to route all LAN to WAN traffic through WAN1, with a route-based fail-over (with administrative distance) to WAN2.

I also configured a Virtual IP (and the corresponding policy) to allow incoming traffic for some services. This works fine if the VIP is on WAN1, but I'm not able to make it work for a second VIP on WAN2. I don't see any traffic incoming on WAN2 in Fortiview/All sessions. It seems like response traffic is routed through WAN1, because when I add a route to the external client public IP using WAN2, it works fine. In the policy, I tried with and without NAT, without success.

How can I deal with setting a VIP on WAN2 with default outgoing traffic routed through WAN1?

Thank you for your help,
Regards,
Fred
I just realized that I used distance in routing to specify WAN failover, whereas I should have used Priority.
Setting equal distance and higher priority for WAN2 did the trick.
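The change described in the reply above, written out as FortiOS CLI. This is an added example, not configuration posted in the thread; the interface names, gateway addresses (documentation ranges) and numeric values are assumptions. With unequal distances only the WAN1 default route is installed in the routing table, so the FortiGate has no active route back through WAN2 for traffic arriving on the WAN2 VIP.

```fortios
# Constructed example: gateways, interface names and values are placeholders.

# Before: failover by administrative distance.
# Only the distance-10 route is active; the wan2 route stays out of the
# routing table until wan1 fails, so inbound VIP sessions on wan2 break.
config router static
    edit 1
        set device "wan1"
        set gateway 198.51.100.1
        set distance 10
    next
    edit 2
        set device "wan2"
        set gateway 203.0.113.1
        set distance 20
    next
end

# After: equal distance, different priority.
# Both default routes are active. FortiOS prefers the route with the lower
# priority value, so the larger value on wan2 keeps wan1 as the default
# egress while sessions that arrive on wan2 can be answered through wan2.
config router static
    edit 1
        set device "wan1"
        set gateway 198.51.100.1
        set distance 10
        set priority 0
    next
    edit 2
        set device "wan2"
        set gateway 203.0.113.1
        set distance 10
        set priority 10
    next
end

# Check: both default routes should now be listed as active.
get router info routing-table all
```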
Copyright 2024 Fortinet, Inc. All Rights Reserved.