Configuration And Understanding Of Policy Routes

In this article we will look at how policy routes work and how to configure them on a FortiGate firewall.

Use of Policy Routes:

Let's say your environment has multiple ISPs and you want to route specific traffic through a specific ISP. Policy routes let you do that.

Policy routes take precedence over the routing table on a FortiGate firewall.

In this article we will configure two ISPs connected directly to the FortiGate firewall, with a default route from the firewall pointing towards each ISP, so all traffic from the LAN network towards the internet is load balanced between the two ISPs (ECMP load balancing). My requirement is to route traffic for the specific IP “8.8.8.8” towards the second ISP.

[Screenshot: static route]

Let's say your LAN network (“192.168.1.0/24”), which is connected to “port4” of the firewall, needs to reach “8.8.8.8/32” through the second ISP.

You need to define the policy route parameters this way:

Incoming Interface: The interface the LAN network is connected to, here port4 of the firewall.

Source Address: The network connected to the LAN port of the firewall.

Destination Address: Define “8.8.8.8/32” in this scenario.

Protocol: Keep it as any, or set it based on your requirement.

Action: Select Forward Traffic so that matching traffic uses this route.

Outgoing Interface: Select the secondary interface.

Gateway Address: Enter the gateway IP of the secondary ISP.

See these screenshots for reference:

[Screenshot: policy route, top]

[Screenshot: policy route, bottom]

After defining this route, all traffic from the network “192.168.1.0/24” towards “8.8.8.8/32” is forwarded to the secondary ISP.

Before configuring this route, make sure there is a firewall policy that allows this traffic.
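The same setup expressed in the FortiOS CLI, as an added example that is not part of the original article. It assumes the secondary ISP is on "port2" with gateway 203.0.113.1 (both placeholders, since the article does not name them), and the address object and policy names are made up for illustration.

```fortios
# Address objects so the firewall policy allows only the traffic being steered
config firewall address
    edit "LAN_192.168.1.0_24"
        set subnet 192.168.1.0 255.255.255.0
    next
    edit "HOST_8.8.8.8"
        set subnet 8.8.8.8 255.255.255.255
    next
end

# Firewall policy permitting LAN -> 8.8.8.8 out of the secondary ISP interface.
# Without it the policy route matches but the session is still denied.
config firewall policy
    edit 0
        set name "LAN-to-8.8.8.8-via-ISP2"
        set srcintf "port4"
        set dstintf "port2"
        set srcaddr "LAN_192.168.1.0_24"
        set dstaddr "HOST_8.8.8.8"
        set action accept
        set schedule "always"
        set service "ALL"
        set nat enable
    next
end

# Policy route: evaluated before the routing table (and its ECMP default routes)
config router policy
    edit 1
        set input-device "port4"
        set src "192.168.1.0/255.255.255.0"
        set dst "8.8.8.8/255.255.255.255"
        set protocol 0
        set gateway 203.0.113.1
        set output-device "port2"
    next
end

# Verify: list the installed policy routes, then the routing table they override
diagnose firewall proute list
get router info routing-table all
```

Scoping the firewall policy to the same source and destination as the policy route keeps the allowed traffic no wider than what the route steers.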