Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
a11smiles
New Contributor II

WAN Failover not working

I have a FortiGate 80F, and I've attempted to configure WAN failover.

 

Configuration:

internal1:

    ip/mask: 192.168.3.99/255.255.255.0

    dhcp range: 192.168.3.110-210

    DNS: 8.8.8.8,8.8.4.4

 

wan1:

    ip/mask (DHCP assigned): 192.168.1.21/255.255.255.0

    dns/gateway: 192.168.1.1

    distance: 10

 

wan2:

    ip/mask (DHCP assigned): 192.168.2.110/255.255.255.0

    dns/gateway: 192.168.2.254

    distance: 20

 

Goal: All traffic should be routed through wan1 when it is up. Only while wan1 is down should traffic be routed through wan2.

 

Issues:

  • I can never ping the wan2 dns/gateway (regardless of wan1 being up or down) unless I'm connected directly to the wan2 router via cat45 or wifi. 
  • I also cannot ping the router on wan2 (IP address: 192.168.2.110)
  • When wan1 goes down, I cannot get out to the internet (unless, again, I'm connected directly to the wan2 router).

In other words, it doesn't appear that my FortiGate is directing traffic over to wan2 properly.

 

Troubleshooting:

When wan1 is up, the routing table:

 

Routing table for VRF=0
S*      0.0.0.0/0 [10/0] via 192.168.1.1, wan1, [1/0]
C       192.168.1.0/24 is directly connected, wan1
C       192.168.2.0/24 is directly connected, wan2
C       192.168.3.0/24 is directly connected, internal

 

 

When wan1 is down, the routing table:

 

Routing table for VRF=0
S*      0.0.0.0/0 [20/0] via 192.168.2.254, wan2, [1/0]
C       192.168.2.0/24 is directly connected, wan2
C       192.168.3.0/24 is directly connected, internal

 

 

I've also enabled snat-route-change

 

 

Thanks!

1 Solution
a11smiles
New Contributor II

fixed it via support call. Policies needed to be updated.

View solution in original post

1 REPLY 1
a11smiles
New Contributor II

fixed it via support call. Policies needed to be updated.

Labels
Top Kudoed Authors