Networking

FortiGate—SDWAN_Tunnel_Interface

Situation

FortiGate IPsec interface cannot be routed through SD-WAN for selection.
diag sys sdwan service > Service disabled caused by no outgoing path > dead.

Solution

[1]
Add a IP on the tunnel interface and remote tunnel interface.

[2]
Use these IPs as SLA method.

Check

# 確認member
diag sys sdwan member

# 確認某個流量有沒有走到我想要的interface
diag sys sdwan service

# 輸出每個健康檢查目標的狀態
diag sys sdwan health-check