In this article we will look at how policy routes work and how to configure them on a FortiGate firewall.
Use of Policy Routes:
Let's say your environment has multiple ISPs and you want to route specific traffic through a specific ISP; policy routes are the tool for that.
On a FortiGate firewall, policy routes are consulted before the routing table, so a matching policy route takes precedence over the normal routing-table lookup.
In this article we will configure two ISPs connected directly to the FortiGate firewall, with the firewall's default route pointed at both ISPs, so all traffic from the LAN network towards the internet is load balanced between the two ISPs (ECMP load balancing). My requirement is to route traffic to one specific IP, “188.8.131.52”, towards the second ISP.
Let's say your LAN network (“192.168.1.0/24”), which is connected to “port4” of the firewall, needs to reach “184.108.40.206/32” via the second ISP.
You need to define the policy route parameters this way:
Incoming Interface: port4, the interface the LAN network is connected to.
Source Address: the network connected to the LAN port of the firewall (192.168.1.0/24).
Destination Address: “220.127.116.11/32” in this scenario.
Protocol: keep it at any, or narrow it based on your requirement.
Action: select Forward Traffic so that traffic matching this route is forwarded by it.
Outgoing Interface: select the secondary ISP interface.
Gateway Address: enter the gateway IP of the secondary ISP.
See this screenshot for reference:
After defining this route, all traffic from the “192.168.1.0/24” network toward “18.104.22.168/32” is forwarded to the secondary ISP.
Before configuring this route, make sure there is a firewall policy that allows this traffic.
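The same configuration expressed in the FortiOS CLI, added here as a worked example; it is not from the original article. It assumes the second ISP is on an interface named wan2 with gateway 203.0.113.1, and uses 198.51.100.25 as a stand-in for the destination host (all three are assumptions; the two addresses are RFC 5737 documentation values, so substitute your own). It also includes the firewall policy the article says must exist before the route, plus two commands to verify the result. Lines beginning with # are annotations, not CLI input.

```fortios
# Assumed values (not from the article): ISP2 interface "wan2",
# ISP2 gateway 203.0.113.1, destination host 198.51.100.25.

# 1. Firewall policy permitting LAN -> ISP2 for this destination.
#    Without it the policy route still matches, but the session is dropped.
config firewall address
    edit "LAN_192.168.1.0"
        set subnet 192.168.1.0 255.255.255.0
    next
    edit "ISP2_only_host"
        set subnet 198.51.100.25 255.255.255.255
    next
end

config firewall policy
    edit 10
        set name "LAN_to_ISP2_host"
        set srcintf "port4"
        set dstintf "wan2"
        set srcaddr "LAN_192.168.1.0"
        set dstaddr "ISP2_only_host"
        set action accept
        set schedule "always"
        set service "ALL"
        set nat enable
    next
end

# 2. The policy route: the six parameters from the article, in order.
#    input-device  = Incoming Interface
#    src / dst     = Source Address / Destination Address
#    protocol 0    = any
#    action permit = Forward Traffic (deny would be "Stop Policy Routing")
#    output-device = Outgoing Interface
#    gateway       = Gateway Address of ISP2
config router policy
    edit 1
        set input-device "port4"
        set src "192.168.1.0/255.255.255.0"
        set dst "198.51.100.25/255.255.255.255"
        set protocol 0
        set action permit
        set output-device "wan2"
        set gateway 203.0.113.1
    next
end

# 3. Verify: the policy route table is separate from the routing table,
#    so check both.
diagnose firewall proute list
get router info routing-table all
```

`diagnose firewall proute list` should show route id 1 with port4 as the input device and wan2 as the output device; if the destination host still leaves via the ECMP default routes, check that the firewall policy's `dstintf` matches the policy route's `output-device`, since the session is only allowed on the interface pair the policy names. Because policy routes bypass the routing table, give each one a narrow src/dst scope as above rather than a broad match, so the exit path for the rest of the LAN stays predictable from the routing table alone.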