Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
SecurityPlus
Contributor II

Should We Configure All Firewalls With SD WAN In Case Of Future Dual WAN? - Best Practice

Just added a second WAN connection to a firewall that was already in use with only one WAN connection in use. Could not complete the SD WAN setup remotely since we would loose connection the the firewall during the reconfiguration. Instead we had to temporarily modify all policies using WAN1 before putting the WAN1 and WAN2 into a newly created SD WAN interface. Question, would it be a best practice to set up an SD WAN on a firewall in which no dual WAN connection was planned to be used? If this were done, it would be much easier to later add a WAN2 connection. Would there be any disadvantage until a WAN2 connection was put into use?  

4 REPLIES 4
SecurityPlus
Contributor II

Any feedback concerning this question? Wondering what the downside of setting up SD WAN but not using it (only using one WAN connection).

emnoc
Esteemed Contributor III

Will yes you have many choice but you can build a virtual-an with one  interface just for this and as BW grows you add a 2nd link. No disadvantage exist and in fact it would be very smart to  take this suggested approach since you do not have to remodifiy any rules if you plan on adding a 2nd link at a TBD.

 

Ken

 

 

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
SecurityPlus

Thanks!

MattM

I ran into the same scenario a few years ago when we added a second WAN to a firewall.  I learned my lesson that day and I've been setting up all my Fortigates with SD-WAN ever since.  It's very handy when adding a second ISP.  I've even had situations where we needed to switch from one ISP to another.  I was able to setup the new ISP on WAN2 and add it to SD-WAN.  I could then remove the old ISP without anybody knowing.  It made for a very smooth transition.  

 

I haven't had any issues and recommend this setup to the other techs I work with.

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors