Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
tino_p
Staff
Staff

Created on ‎02-15-2024 09:43 PM

Article Id 299685

Technical Tip: SD-WAN performance SLA down because of DNS issue

Description

This article describes the issue of SDWAN performance SLA being down due to DNS problems. This can happen especially when using Ping (to a domain name) as the protocol in Performance SLA.

 

For example:

 

1.PNG

In the Firewall's CLI, it also cannot ping to domain name: google.com. It usually indicates that the Firewall has an issue with DNS settings.

 

2.PNG
Scope SD-WAN, FortiGate, DNS.
Solution

To fix the problem, it is possible to either:

 

  1. Create a new Performance SLA - ping protocol, using the IP address instead of the domain name, and apply it in the SD-WAN rule.

3.PNG

Or,

 

  1. To fix the DNS issue on the Firewall, so that the Firewall can resolve the domain name to the IP address.

    4.PNG

    5.PNG
Labels:
351
Submit Article Idea
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.