Prerequisite:
- Configuring SD-WAN failover requires network downtime.
- The 2nd WAN link should be active and connected on the firewall.
1. We need to create the SD-WAN members, and we will start with the 2nd link, WAN2.
Configure SD-WAN Zone
Go to Network > SD-WAN, then click create new zone. You can set any name.
Create SD-WAN member
We usually can't add the current WAN1 as a member at this point because it is linked to firewall rules. There will be some network downtime when we re-route the firewall rules to use the SD-WAN link.
We will start by adding WAN2 as an SD-WAN member, since it is a new link and is not used in any rule.
Interface: We will select WAN2
SD-WAN Zone: this is the zone we created for the SD-WAN
Gateway: Dynamic
Cost: 10 - We set this higher as this is the failover link
Priority: 10 - We set this higher as this is the failover link
To add WAN1 as a member, we need to modify the firewall rules and point them to SD-WAN. The traffic will be routed to the 2nd link and there will be some network downtime.
Go to Policy & Objects and edit the destination of the firewall rules to use the SD-WAN.
After modifying the firewall rules, we can add WAN1 as an SD-WAN member.
Create a static route to the internet using the SD-WAN.
We will then set up network link monitoring.
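The same steps expressed as CLI, as an added example that is not part of the original article. It assumes the firewall is a FortiGate running FortiOS 7.0 or later with interfaces named wan1 and wan2; the zone name, policy ID, health-check name and probe address are placeholders.

```fortios
# Added example. Assumes FortiOS 7.0+; FAILOVER_ZONE, policy ID 1, "wan-probe"
# and 192.0.2.1 are placeholders. Gateway is left unset (Dynamic in the GUI).
config system sdwan
    set status enable
    config zone
        edit "FAILOVER_ZONE"
        next
    end
    config members
        edit 2
            set interface "wan2"
            set zone "FAILOVER_ZONE"
            set cost 10
            set priority 10
        next
    end
end
# Re-point every rule that references wan1 (the downtime starts here).
config firewall policy
    edit 1
        set dstintf "FAILOVER_ZONE"
    next
end
# wan1 is no longer referenced by a rule, so it can now join the zone.
config system sdwan
    config members
        edit 1
            set interface "wan1"
            set zone "FAILOVER_ZONE"
        next
    end
end
config router static
    edit 0
        set dst 0.0.0.0 0.0.0.0
        set sdwan-zone "FAILOVER_ZONE"
    next
end
# Link monitoring: probe the placeholder server through both members.
config system sdwan
    config health-check
        edit "wan-probe"
            set server "192.0.2.1"
            set members 1 2
        next
    end
end
```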