Configuration SD-WAN Pour Basculer Entre Deux Connexions Internet | WAN1 & WAN2 | FortiGate 80D

Introduction

In this tutorial, we will explore how to configure SD-WAN on a FortiGate 80D firewall to seamlessly switch between two internet connections, WAN1 and WAN2. This setup improves network reliability and performance by allowing dynamic load balancing and failover capabilities.

Step 1: Access the FortiGate Interface

1. Open a web browser and enter the IP address of your FortiGate firewall.
2. Log in with your administrator credentials.

Step 2: Configure WAN Interfaces

1. Navigate to Network > Interfaces.
2. Click on Create New to add your WAN interfaces.
3. For WAN1:
   • Set the Name (e.g., WAN1).
   • Choose Interface Type as WAN.
   • Enter the IP Address and Netmask as provided by your ISP.
   • Set the Role to WAN.
   • Click OK to save.
4. Repeat the process for WAN2 with its respective settings.

Step 3: Enable SD-WAN

1. Go to Network > SD-WAN.
2. Click on Create New to set up a new SD-WAN rule.
3. In the Name field, enter a suitable name for your SD-WAN configuration (e.g., "MySDWAN").
4. Under Member, select both WAN1 and WAN2.
5. Click OK to apply the settings.

Step 4: Configure SD-WAN Rules

1. Within the SD-WAN configuration, go to the Performance SLA section.
2. Click on Create New to add a performance SLA for monitoring the connections.
   • Set a Name (e.g., "SLA-WAN1").
   • Choose Member as WAN1.
   • Set the Protocol (e.g., Ping).
   • Specify the Host to monitor (e.g., 8.8.8.8 for Google DNS).
   • Define the Thresholds for acceptable latency, jitter, and packet loss.
3. Repeat for WAN2.

Step 5: Set Load Balancing and Failover Policies

1. In the SD-WAN settings, navigate to the Load Balancing section.
2. Choose the appropriate load balancing method:
   • Volume: Distribute traffic based on bandwidth.
   • Session: Balance traffic based on active sessions.
3. Set failover criteria based on the performance SLAs established earlier.

Step 6: Configure Firewall Policies

1. Go to Policy & Objects > IPv4 Policy.
2. Click Create New to define a new policy:
   • Set Incoming Interface to your internal network.
   • Set Outgoing Interface to your SD-WAN interface.
   • Configure the Source and Destination settings as needed.
   • Enable NAT if necessary.
   • Click OK to save the policy.

Step 7: Test Your Configuration

1. Perform a connectivity test to ensure both WAN connections are operational.
2. Simulate a failure on one of the WAN connections and verify that traffic seamlessly switches to the other connection.

Conclusion

You have now configured SD-WAN on your FortiGate 80D to manage two internet connections effectively. This setup enhances network reliability and performance. For further learning, consider exploring advanced features like traffic shaping and detailed monitoring in the FortiGate interface. If you encounter any issues, refer to the firewall logs or the KBTrainings blog for troubleshooting tips.