เซ็ตอัพ Fortigate เป็น 2 WAN
To set up load sharing between two active WAN interfaces, where Internal traffic is initiated outbound, you need the following:
There must be a Static default route for both WAN interfaces with equal distance.
Note: The shorter the distance metric will be the preferred the route the FortiGate unit will use to route outbound traffic. Therefore load sharing between two active WAN interfaces must have a default route for each with equal distance. This enables outbound traffic to traverse either WAN interface based on the policy routes and access policies defined.
Set up policy routes to forward traffic through one WAN interface.
Policy routes are necessary to determine which outbound traffic (based on source/destination address, src/dst port or protocol, etc.) will be routed out of the desired WAN interface.
Set Access Policy to forward traffic initiated from the internal interface to a particular WAN interface.
Outbound access policies are needed (in conjunction with policy routes) to allow traffic to pass through the firewall and traverse the selected WAN interface.
Internal -> Wan1
Src = a.b.c.d
Dst=Any
Note: BOTH matching policy routes and correct access policies must be created in order to perform load sharing on the FortiGate unit properly.
-------------------
http://kb.fortinet.com/kb/microsites/microsite.do?cmd=displayKC&docType=kc&externalId=10376&sliceId=1&docTypeID=DT_KCARTICLE_1_1
Friday, June 10, 2011
บันทึกเรื่องราวดีๆเกี่ยวกับ config Fortigate เอาไว้อ่านในภายหลัง
Posted by MRT IT Consult on 5:57 AM
| Leave a comment
Subscribe to:
Post Comments (Atom)
0 comments:
Post a Comment