I really think it's about your strategy/design how to utilize BGP in
addition to SD-WAN, or vice versa in your network.BGP does provide path
selection based on the destination addresses/subnets (so-called routes).
But can't do this with either source...
The bottom line is FGTs process VIPs first before looking up policies.
If the first VIP isn't specific enough, not having source filters, all
would match the first one then be forwarded to the destination if a
policy allows. If not, would be dropped....
Just draw a diagram to come up with a reasonable physical topology with
IPsec VPNs to connect all 6 locations together. As long as a location is
not isolated, there is at least one path to get from "A" to "F". It
doesn't have to be meshed.However, I ...
