FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Jonathan_Body_FTNT
Article Id 196669
Description

This article explains how to configure "Detect Interface Status for Gateway Load Balancing" when running FortiOS v4.0 MR3 or FortiOS v5.0.


Scope

FortiOS v4.0 MR3 and above.

Command 'config router gwdetect' has been removed in FortiOS 5.2 and replaced with 'config system link-monitor'


Solution
In FortiOS v4.0 MR2, the "Detect Interface Status for Gateway Load Balancing" is an option found on the web-based manager in Network>Interface.

Following the release of FortiOS v4.0 MR3 this feature is available only as a CLI command. It can be configured using the following steps.

1. Check on the interface facing the internet whether fail-detect is enabled (by default it is enabled) and that the fail-detect-option is set to detectserver. To enable fail-detect:
config system interface
edit <interface name>
set fail-detect enable
set fail-detect-option detectserver
end

2. To set the detect IP address:

config router gwdetect
edit <interface_name>
set server <servername1_string>
set protocol {ping |tcp-echo | udp-echo}
end
For example:
config router gwdetect
edit "wan1"
set protocol ping
set server "4.2.2.2"
end

Contributors