Description
This article describes specificity when changing Internet Service Providers.
Scope
FortiGate.
Solution
When changing ISP's follow the steps listed below :
- Change the external IP on the interface (System -> Network -> Edit Interface).
Network -> Interfaces -> Edit.
- Delete old static routes (Router -> Static).
Network -> Static Routes -> Delete.
- Create new static routes (Router->Static).
Network -> Static Routes -> Create New.
- Kill all active sessions on the device
From GUI
dia sys session filter sintf <WAN> dia sys session clear
dia sys session filter dintf <WAN>
dia sys session clear
- Change the external IP's on VIP if there are any
- If needed, reconfigure the DNS servers on the device (System -> Network -> Options).
Network -> DNS.
- Sometimes after changing the service provider [ISP] arp entry is not registered as expected on FortiGate, make sure to verify the arp entry for the gateway:
get system arp
If the ARP is not registered try to ping the gateway IP of the service provider to verify connectivity and mac address arp entry:
execute ping-option source x.x.x.x [WAN ip address]
execute ping x.x.x.x [ISP gateway IP]
Note:
When defining the new Static Route leave the Destination IP and Mask as 0.0.0.0., select the external interface for the unit, define the Gateway received from the Internet Service Provider, and leave the Distance set to 10.
To clear all active sessions type FGT# diag sys session clear
