Unable to add my active ISP WAN interface as SD_WAN Member to a SD_ZONE

JOSIAH_BOZIAH · ‎07-05-2023

Unable to add my active ISP WAN interface as SD_WAN Member to a SD_ZONE , the interface does not show up when adding it to a SD-WAN zone. This is for my home lab, I am running forti os 6.4.5. my ISP WAN 2 is down. cable is connected, because i only have 1 ISP connection, but i still assigned IP to it.

srajeswaran · ‎07-05-2023

Are you able to configure the WAN interface as SD_WAN member? Can you share the configuration?

Regards,
Suraj
- Have you found a solution? Then give your helper a "Kudos" and mark the solution.

sw2090 · ‎07-06-2023

usually interace not showing up in sd-wan member setup means mostly that there is some reference to it that still exists. You will have to remove any reference to that interface(s) to be able to add them to an sdwan zone.

--

"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams

JOSIAH_BOZIAH · ‎07-07-2023

can you assist me how to remove the reference? will that affect my internet connection?

Shilpa1 · ‎07-07-2023

Hello JOSIAH_BOZIAH,

This article describes, how to check where and how an object is being used - via GUI or CLI.
https://community.fortinet.com/t5/FortiGate/Technical-Note-How-to-Check-Referenced-Objects/ta-p/1948...

Regards,
Shilpa C.P

sw2090 · ‎07-07-2023

if the reference is a policy (and I bet it is *g*) and you remove it on the FGT (i.e. on the fly) it will of course affect everything that matches the policy. If that's your internet policy it will affect your internet connection.

--

"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams

JOSIAH_BOZIAH · ‎07-09-2023

i dont want my internet connection afftected,.

Brym · ‎07-07-2023

you will need to remove all references to be able to do add it to SDWAN

from GUI to know where the interface is refrenced :

go to network > interfaces> locate your interface on all right you will see refrence and click on the number and will show where it is refrences (usally static route and policies)

using CLI you can use the following

show | grep -f wan1

change wan1 to the name of your ISP interface if it not wan1

JOSIAH_BOZIAH · ‎07-09-2023

i dont want my internet connection afftected

saneeshpv_FTNT · ‎07-09-2023

Hi,

In version 7 onward there is an option to Migrate an interface to an active SDWAN zone using the wizard.

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Migrate-Physical-Interface-to-SDWAN-zone/t...

With the above option, you can migrate your link with a very minimal interruption (May be you are already aware of this feature).

As I could see you are using 6.4, you need to perform all these steps manually and there could be chances that you end up having a longer interruption.

Unfortunately, you couldn't avoid the interruption, because you have referenced your physical interface is Firewall policies and routes and you are going to replace them with your SDWANZone which will introduce some interruption.

Regards,

Unable to add my active ISP WAN interface as SD_WAN Member to a SD_ZONE

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website