How to configure SD-WAN with Link Aggregation Group

 

SD-WAN stands for software-defined wide area network. It is a networking technology that optimises and manages the performance of wide area networks (WANs) using the concepts of software-defined networking (SDN).

What is SD-WAN used for?

Using a virtual WAN architecture, SD-WAN lets businesses securely link users to applications over any mix of transport technologies, such as MPLS, LTE, and broadband internet services.

A Link Aggregation Group (LAG) is a method used in networking to combine multiple physical network connections into a single logical connection. This technique enhances network performance and provides redundancy.

EtherChannel is a port link aggregation technology that is mostly utilised on Cisco switches. To provide fault tolerance and high-speed links between switches, routers, and servers, it enables the grouping of several physical Ethernet links into a single logical Ethernet link.

 

Set the IP addresses for ISP1 and ISP2 on the FortiGate Master


We have 2 ISPs:

               ISP1= 10.10.10.10/24

               Gateway= 10.10.10.1

               DNS= 8.8.8.8

               ISP2= 20.20.20.10/24

               Gateway= 20.20.20.1

               DNS= 8.8.8.8

Network ]Interface ]Port1 ]Edit ]


]Ok

Network ]Interface ]Port2 ]Edit ]


]Ok

Network ]SD-WAN ]Create New ]New SD-WAN Zone


]Ok

Network ]SD-WAN ]Create New ]SD-WAN Member ]


]Ok


]Ok

Configure Static Route

Network ]Static Routes ]Create New ]



Ok

 Testing Ping to Internet


Configure LAN Aggregate

Network ]Interface ]Create New ]Interface ]


Ok

Create VLAN

Network ]Interface ]Create New ]Interface ]



Ok

For VLAN40, do the same as for VLAN30.


Create a Firewall Policy for VLAN30 and VLAN40 to the Internet

Policy & Objects ]Firewall Policy ]Create New ]



For VLAN40, do the same as for VLAN30.

Configure Cisco Switch

Create Channel1

               Core_Switch>enable

               Core_Switch#configure terminal

               Core_Switch(config)#hostname Core-Switch

               Core_Switch(config)#interface range gi0/1,gi0/0

               Core_Switch(config-if-range)#channel-group 1 mode active

               Core_Switch(config-if-range)#no shutdown

               Core_Switch(config-if-range)#end

               Core_Switch#show ip interface brief

Configure Trunk

               Core_Switch>enable

               Core_Switch#configure terminal

               Core_Switch(config)#interface po1

               Core_Switch(config-if)#switchport trunk encapsulation dot1q

               Core_Switch(config-if)#switchport mode trunk

               Core_Switch(config-if)#no shutdown

               Core_Switch(config-if)#end

               Core_Switch#show ip interface brief

               Core_Switch#show interfaces trunk

Create VLAN-30 and 40

               Core_Switch#show vlan

               Core_Switch#configure terminal

               Core_Switch(config)#vlan 30

               Core_Switch(config-vlan)#name VLAN-30

               Core_Switch(config-vlan)#vlan 40

               Core_Switch(config-vlan)#name VLAN-40

               Core_Switch(config-vlan)#end

Switch Port to VLAN

               Core_Switch#configure terminal

               Core_Switch(config)#interface gi1/1

               Core_Switch(config-if)#switchport mode access

               Core_Switch(config-if)#switchport access vlan 30

               Core_Switch(config-if)#exit

 

Testing client to Internet


Configure SD-WAN Rules for VLAN30 and VLAN40

               VLAN30 to ISP1

               VLAN40 to ISP2

Network ]SD-WAN ]SD-WAN Rules ]Create New ]



For VLAN40 to ISP2, configure the same as for VLAN30.

Testing VLAN30 to WAN-1



VLAN40 to WAN-2


How to configure HA Master

Edit the network ports for HA

               Network ]Interface ]Port3 ]Edit 


Network ]Interface ]Port4 ]Edit


System ]HA ]


Configure HA Slave

Set name:

            config system global

                        set hostname FG_Slave

            end

Set IP

config system interface

            edit port10

                        set mode static

                        set ip 192.168.37.11/24

                        set allowaccess ping https http ssh telnet

            next

end
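
An added example, not part of the original post: the interface block above enables http and telnet for management, both of which are unencrypted. This Python script audits a FortiOS configuration export for interfaces that allow them; the sample text, the second interface entry and the function names are constructed for illustration.

```python
# Cleartext management protocols that should not be in allowaccess.
CLEARTEXT = {"http", "telnet"}

# Constructed sample: the interface block from this step plus one clean entry.
SAMPLE_CONFIG = """\
config system interface
    edit port10
        set mode static
        set ip 192.168.37.11/24
        set allowaccess ping https http ssh telnet
    next
    edit port3
        set allowaccess ping
    next
end
"""

def audit_allowaccess(config_text):
    """Return {interface: [cleartext protocols]} from 'config system interface'."""
    findings = {}
    in_section, depth, current = False, 0, None
    for raw in config_text.splitlines():
        line = raw.strip()
        if not in_section:
            in_section = line == "config system interface"
            continue
        if line.startswith("config "):
            depth += 1                      # nested block, e.g. 'config ipv6'
        elif line == "end":
            if depth == 0:
                in_section, current = False, None
            else:
                depth -= 1
        elif depth == 0 and line.startswith("edit "):
            current = line[5:].strip().strip('"')
        elif depth == 0 and line == "next":
            current = None
        elif depth == 0 and current and line.startswith("set allowaccess"):
            weak = CLEARTEXT & set(line.split()[2:])
            if weak:
                findings[current] = sorted(weak)
    return findings

def hardened_line(line):
    """Rewrite a 'set allowaccess' line without the cleartext protocols."""
    kept = [p for p in line.split()[2:] if p not in CLEARTEXT]
    return "set allowaccess " + " ".join(kept)

if __name__ == "__main__":
    for iface, weak in audit_allowaccess(SAMPLE_CONFIG).items():
        print(f"{iface}: cleartext management enabled: {', '.join(weak)}")
```

For port10 the hardened form is `set allowaccess ping https ssh`.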

 

Log in to FortiGate FG_Slave and configure HA

               System ]HA ]


Configure the Cisco switch for HA_Slave

Create Channel2

               Core_Switch>enable

               Core_Switch#configure terminal

               Core_Switch(config)#hostname Core-Switch

               Core_Switch(config)#interface range gi0/2,gi0/3

               Core_Switch(config-if-range)#channel-group 2 mode active

               Core_Switch(config-if-range)#no shutdown

               Core_Switch(config-if-range)#end

               Core_Switch#show ip interface brief

Configure Trunk

               Core_Switch>enable

               Core_Switch#configure terminal

               Core_Switch(config)#interface po2

               Core_Switch(config-if)#switchport trunk encapsulation dot1q

               Core_Switch(config-if)#switchport mode trunk

               Core_Switch(config-if)#no shutdown

               Core_Switch(config-if)#end

               Core_Switch#show ip interface brief

               Core_Switch#show interfaces trunk

Test by shutting down FortiGate FG-PR and pinging





