we have 4 providers and we want to divide them into two organizations so that the users of each organization go through their providers.
I see a way out in creating another vdom , but I don’t want to do this, maybe there is a simpler option?
if you dont want to split them to seperated vdoms, you should disable sdwan feature and create firewall policy from lan to seperated wan interface
org1LAN=>wan1
org2LAN=> wan2
you can also enable sdwan, and split one of the interface out of sdwan members, then create seperated policies for this
Hi adminuniscan,
You can look into sdwan zones: https://docs.fortinet.com/document/fortigate/6.4.2/administration-guide/942095/sd-wan-zones
Thanks,
Shahan
I think I found the answer to my question, it will be sd-wan rules
okay, if you only want routing traffic base on source/destination, it's enough
Hi adminuniscan,
You can use sdwan rules to steer traffic towards required sdwan interface: 
https://docs.fortinet.com/document/fortigate/6.2.0/cookbook/716691/wan-path-control
However, please be aware that if wan connectivity fails via one organization, you have firewall policies in place to deny traffic via other sdwan interfaces. There is implicit allow rule which might match at the end incase of issue. So it would makes sense if you use sdwan rules in combination with sdwan zones and ensure that firewall policies are in place to deny traffic.
Thanks, 
Shahan
 
					
				
				
			
		
| User | Count | 
|---|---|
| 2677 | |
| 1412 | |
| 810 | |
| 703 | |
| 455 | 
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.