Fortigate – Link Monitoring and Failover Configuration

failoverfirewallfortigateisprouter

enter image description herebgp[![][1]]3i am trying for a failover between two ISP interfaces using link-monitor in fortigate. both ISP links are vlan interface ( ie, not physical). and with my primary ISP, i have eBGP. i need to monitor the link performance, when packet loss through link, make bgp down, so that traffic will be shifted to ISP 2 ( i have static default route through ISP 2 with higher metric).
But in fortigate i have only make interface down ( which is not a good idea obviously) or remove static route through that interface ( which won't work for me, my last mile protocol is eBGP).
If any body is able to give any work around, it will be great.

device configuration
config system link-monitor
edit "to_105"
set srcintf "wan"
set server "xx.xx.xx.xx"
set protocol http
set gateway-ip yy.yy.yy.yy
set update-cascade-interface enable
set update-static-route enable

my rough network diagram is included.

Best Answer

i got confirmation from fortinet that, link-monitor wont be able to control dynamic routing protocol.

Related Topic