My FortiGate SDWAN Configuration and Some Use Cases

preview_player
Показать описание
SD-WAN is finally getting to where it needs to be thanks to FortiOS 6.4.1
I do not recommend running 6.4 on production yet but so far it has worked fairly flawlessly on my home unit.

In this video I discuss why SD-WAN is useful and the various cases where you can use it to better your organization. I also go into an overview of my relatively simple setup to help folks grasp the functionality and idea of it all.

My Other Projects:

###### SOCIAL LINKS ######
######################
  1. Fortinet Guru
  2. SDWAN
  3. Fortinet SDWAN
  4. FortiGate SDWAN
  5. SDWAN Configuration
Рекомендации по теме
My FortiGate SDWAN 0:16:25

My FortiGate SDWAN Configuration and Some Use Cases

Fortigate Firewall SD 0:24:33

Fortigate Firewall SD WAN Configuration step by step

How to configure 0:15:48

How to configure SD-WAN in FortiGate Firewall

Full Fortinet Setup 0:35:58

Full Fortinet Setup & Walkthrough **For Beginners** | SD-WAN | VLAN | Wi-Fi | Testing & More

How to Configure 0:13:15

How to Configure SDWAN on Fortigate Firewall

Fortinet Secure SD-WAN 0:19:17

Fortinet Secure SD-WAN 7.2 Demo | SD-WAN

SD-WAN Configuration for 0:17:34

SD-WAN Configuration for Internet Failover With Two Connections | WAN1 & WAN2 | FortiGate 80D

Day-19 | How 0:11:52

Day-19 | How to configure SD WAN in fortigate firewall | Fortigate firewall full course

FortiGate Firewall Dashboard 1:17:46

FortiGate Firewall Dashboard Explained: Key Features, Network, Policy, Administration & System I...

How Fortigate SDWAN 1:16:39

How Fortigate SDWAN works

Fortigate - basic 0:09:35

Fortigate - basic SD-WAN configuration - FortiOS 6.2

SD-WAN configuration on 0:47:57

SD-WAN configuration on Fortigate Firewall 6.4.0

New Firewall: Configuration 0:27:52

New Firewall: Configuration of WAN, WAN2, LAN, LACP, VLAN, SDWAN and on a FortiGate 60E

Simplify Your Network 0:01:36

Simplify Your Network and Security with Fortinet Secure SD-WAN | SD-WAN

Fortigate Firewall SD-WAN 0:05:31

Fortigate Firewall SD-WAN Configuration | How to connect 2 Internet links to Fortigate | SD-WAN |

How to configure 0:28:40

How to configure SD-WAN on Fortigate

FortiGate 200E Unboxing 0:11:37

FortiGate 200E Unboxing and SD-WAN Configuration

How to Configure 0:07:54

How to Configure SD-WAN On Fortigate Firewall

FortiGate IPsec ADVPN 0:25:49

FortiGate IPsec ADVPN with SDWAN and Dual ISPs

SD-WAN Configuration on 0:11:23

SD-WAN Configuration on FortiGate: How to Split Traffic from 2 Networks/VLANs between WAN1 and WAN2

FortiGate SDWAN with 0:15:11

FortiGate SDWAN with IPsec VPN

FortiGate NSE4 - 0:12:50

FortiGate NSE4 - SD-Wan

Fortinet Full Stack: 0:48:00

Fortinet Full Stack: Configuring FortiGate, FortiSwitch, FortiAP | SD-WAN, VLAN, SSID, w/FortiLink!

Fortigate SD-WAN LAB 0:18:43

Fortigate SD-WAN LAB Guide

Комментарии
Автор

How do you utilize SD-WAN? Tell us below!

FortinetGuru
Автор

SD-something traditionally means control plane and data plane separation, one of the main pillars of SDN. In Fortinet solution, control plane and data plane are not separated. This means that Fortinet solution is just a mechanism of automated policy-based traffic distribution between WAN links. All the features of SDWAN (ZTP, ABR, visibility and automation, etc) existed before SDWAN. But this doesn't mean that we should call them SDWAN now.

ciscco
Автор

the cable modem had ping variation of 2ms why you talking crap about it.

richcarroll
Автор

really cool video, would love to see IPsec implementation on top of SDWAN that would be a very cool topic, , thanks

mohammedmustafaali
Автор

OK, so external interface names replaced with SDWAN names, easy enough for routing traffic out.

With incoming traffic just replace the external interface name with SDWAN too ?

chrism
Автор

@ 7:07 - "If the fibre link had to fail it wouldn't use that policy it would use the link that's still existing."
So if it wouldn't make use of the SD-WAN rule 1 then what would hosts on the PRUETT_LAN make use of then?

Nsadheo
Автор

Question, if I want to set up a fortigate firewall and switch for my home network do I need to get enterprise grade internet to get the gateway IP, WAN IP etc?

Phillipscocina
Автор

Hey, if you don't recommend 6.4 for production environment (is it true even now with 6.4.3?) and you hate 6.2, what version do you use for client installations? Btw, very good video. Thanks a lot.

LucSVK
Автор

Hey Mike! So...it's been months since video and 6.4 is up to 6.4.4 now, would you consider it stable for production now?

JoeyGarcia
Автор

is it possible that i can use the other WAN for usage of specific windows server?

drawingtest-zo
Автор

why u do not do a full explanation to FortiGate as a full series ??

ibrahimsobhy
Автор

Good video! We use SD-WAN simply as a fail-over between two WAN connections on 6.0.9. SSLVPN and site-to-site tunnels are tied to the IPs, and it doesn't seem to let you tie them to the virtual SD-WAN interface instead, so when primary goes down, so do the tunnels, but internet for the office stays up! Maybe you know a better way around this?
Do you have any guides on how to implement split-tunneling for SSLVPN traffic? I found the cookbook to be kind of lacking.

jong
Автор

Nice video, I just implemented SD wan with three WAN links, it works very well and much neater than policy routes to specify where the traffic goes, another amazing benefit is the redundancy that is completely worry-free and automated now.

Schumdog
Автор

From 6.4.x series, beware of 6.4.5 Fortigate Issue 672925, titled: "Traffic cannot pass through IPsec tunnel after being offload to NPU." Causes some issues mainly with ESP packets inside such IPSec (tunnel in tunnel.. I know)
6.4.4 is stated to be free of this defect, the fix is supposed to be in 7.0

I still see 6.4.x series being verry buggy.

BobbyBike
Автор

Hey Mike! Fantastic video! I had no idea what SD WAN meant before watching this video. Can you expand on how this eliminates the needs for a private line or MPLS network? You mentioned a business can purchase a consumer grade link instead. Thanks for the info!

Alkfan
Автор

So, if the preferred link goes down the implicit rule catches the traffic and routes said traffic out the other link?

TheBomb
Автор

So, changed your mind about SD-WAN? it's pretty easy on a Fortigate. ;-)

DannyMaas
Автор

How can I setup the priority of my SD-WAN members if I only wanted my Wan1 (Fiber) to be active and my Wan2 (Coax) to be failover. I swear the functionality was on my FG GUI during version 6.2 or 6.0 I believe.

nathaniellagos
Автор

Hey Mike. Bit of a blast from the past, but, great vid!
Just set this up on my home network with 7.2, which looks and works very similarly. Have you played with 7.2 much yet?

derasnan
Автор

Thanks for the video. what fortigate model with an affordable price tag, would you advise to someone (just trying to learn firewall for the 1st time) for a home network with up to 3-4 people with access to the network?

eltonribeiro