Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
whyouwannaknow
New Contributor

Static route limit reached

Hello,

 

We have reached the maximum number static routes to use on our Fortigate 100E.

The maximum number is 500.

 

Was I was wondering, if I regroup for example multiple static routes inside a Named Adress base static route (instead of using the subnet directly in the static route) would that clear some space for more static route to use?

 

I don't know if what I'm asking is really clear, but here is the Fortigate doc of what I would like to do : https://kb.fortinet.com/kb/documentLink.do?externalID=FD46327

 

If I regroup for example 4 subnet (that goes into the same IPSec VPN) into a group and that I create a static route using that group (instead of creating a static route of each subnet) will the Fortigate unit consider that as a single static route (because I'm using a group as part of the static route) would it still consider it as 4 static routes (even though I used a group for creating this static route).

 

Thank you in advance for the clarification.

1 REPLY 1
emnoc
Esteemed Contributor III

I don't think that would reduce your RIB size. But man a FGT100E and you hit the max? You need a bigger unit imho.

 

What you could do is aggregated

 

e.g 

 

  192.168.0.0/24

  192.168.1.0/24

  192.168.2.0/24

  192.168.3.0/24 

 

  vrs

 

   192.168.0.0/22

 

You just dropped 3 RIB entries.

 

So you might need to redesign or pay the penalty and go to maybe a 301E where you have 5K RIB entries imho.

 

Ken Felix

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
Labels
Top Kudoed Authors