New Contributor III

Virtual IP (Static NAT) on multiple WAN link running BGP

Hi everyone,

I would like to seek assistance from the experienced forum members on the scenario below:


I have a FG Firewall with 2 BGP peerings, announcing a public pool. The peers are configured as primary/backup in BGP using the attributes (LP/AS prepend). The 2 interfaces over which the BGP peers are formed are bound in a zone called "North Zone".


Now, I have a web server which is using 1 IP from public pool which is being announced over BGP. 



Web Server (> Fortigate Firewall --- > interface port1---announcing to primary peer1

Web Server (> Fortigate Firewall --->interface port2---announcing to secondary peer2


Now, I would like to have a static NAT using VIP for the web server <----> 


Problem: VIP lets me bind to only 1 interface; however, in the event the primary path is reachable, the secondary peer will still have the path to the public pool, but this static NAT will not work unless I manually create the VIP entry.


I haven't used the "any" option for now as I had a bad experience with this NAT option in VIP. It hadn't worked, but I will give it a try again to check the flow.


Please provide your valuable inputs on this issue and let me know the solution if you ever encountered this scenario.



Sandeep Jha




New Contributor III

This worked with the 'any' option, just in case someone gets into a similar situation.


Thanks, Sandeep Jha
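
A sketch of the 'any' approach reported above, as an added example that is not the poster's actual configuration. The VIP name, both addresses, the internal interface `port3` and the HTTPS service are assumptions; only the zone name "North Zone" comes from the thread.

```fortios
# Static NAT that is not tied to a single WAN port, so it matches
# whether traffic arrives via port1 (primary peer) or port2 (backup peer).
config firewall vip
    edit "web-server-vip"            # hypothetical object name
        set extintf "any"
        set extip 203.0.113.10       # placeholder: one IP from the announced public pool
        set mappedip "10.0.0.10"     # placeholder: web server's internal address
    next
end

# With extintf "any" the VIP itself no longer limits where traffic may enter,
# so the policy is what scopes exposure: source interface is the zone holding
# both BGP-facing ports, and only the published service is allowed.
config firewall policy
    edit 0                           # 0 = create with the next free policy ID
        set name "inbound-web"       # hypothetical policy name
        set srcintf "North Zone"
        set dstintf "port3"          # assumed interface facing the web server
        set srcaddr "all"
        set dstaddr "web-server-vip"
        set action accept
        set schedule "always"
        set service "HTTPS"          # assumed service; publish only what is needed
        set logtraffic all
    next
end
```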
