choose between multiple ISP
I have an SDWAN with 2 ISPs, each assigned its own real IP.
I am working all the time on ISP1 with failover and switch to ISP2 in case 1 goes down.
Basically, I need a new rule just to redirect or allow all traffic from 1 LAN IP to ISP2 please, while all the rest of the LAN keeps working on ISP1.
And I will disable this new rule whenever I don't need it.
Things I tried: creating a new policy, but all I can assign is the SDWAN; I cannot choose between ISPs.
Labels: FortiGate
If you have SDWAN already implemented, you will simply need to create a new SDWAN rule and specify the LAN IP as source. You will then manually select the outgoing interface there.
Note that SDWAN rules are assessed from top to bottom, so you will likely need to place this SDWAN rule at the top.
More details can be found at https://docs.fortinet.com/document/fortigate/7.2.8/administration-guide/413288/sd-wan-rules-overview .
Boris
I can't modify the SDWAN, not sure why.
Creating a new SDWAN rule and adding ISP2 did not work, I guess because the ISP2 interface is already assigned.
Also trying to remove isp2 from the original sdwan did not work.
You don't need to create a new SD-WAN, just keep both ISPs in the same SD-WAN interface.
In your SD-WAN rules, you need to have the topmost rule like this:
- Source address: the client IP you want to route through ISP2
- Outgoing Interface / strategy: manual
- Outgoing interface: ISP2
And in your firewall policy you use your SD-WAN interface as outgoing interface:
- source: all
- destination: all
- destination interface: SD-WAN interface
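
The SD-WAN rule described in the reply above, written as FortiOS CLI. This is an added example, not part of the original thread. It assumes FortiOS 7.2 syntax, that ISP2 is SD-WAN member sequence number 2, and that an existing rule with ID 1 is currently at the top. The address 192.168.1.50, the object and rule names and the rule ID 10 are constructed placeholders, and the `#` lines are annotations.

```fortios
# Address object for the single LAN host (constructed sample IP)
config firewall address
    edit "lan-host-isp2"
        set subnet 192.168.1.50 255.255.255.255
    next
end

# Manual SD-WAN rule pinning that host to ISP2
config system sdwan
    config service
        edit 10
            set name "lan-host-via-isp2"
            set mode manual
            set src "lan-host-isp2"
            set dst "all"
            # Assumption: member seq-num 2 is the ISP2 interface
            set priority-members 2
        next
        # Rules are evaluated top to bottom, so move this one above
        # the existing first rule (assumed to have ID 1)
        move 10 before 1
    end
end

# Turn the rule off when it is not needed, without deleting it
config system sdwan
    config service
        edit 10
            set status disable
        next
    end
end

# Check which member each rule currently selects
diagnose sys sdwan service
```

The existing firewall policy with the SD-WAN zone as its destination interface stays unchanged. With the rule disabled, the host falls back to the same ISP1-with-failover behaviour as the rest of the LAN.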
