Policy routing cannot use SLA (FortiGate)

Peter3 · ‎07-07-2023

I added policy routing to FortiGate, but it couldn't enable sla. FortiGate couldn't sense when the network of the next hop changed

POP1 # 配置路由器策略 POP1（策略
） # 编辑 1
POP1 （1） # 设置
输入设备传入接口名称。
输入设备否定启用/禁用对输入设备匹配的否定。
src 源 IP 和掩码（x.x.x.x/x）。
srcaddr 源地址名称。
src-negate 启用/禁用否定源地址匹配。
dst 目标 IP 和掩码（x.x.x.x/x）。
dstaddr 目标地址名称。
dst 否定启用/禁用否定目标地址匹配。
操作策略路由的操作。
协议协议编号（0 - 255）。
网关的网关 IP 地址。
输出设备传出接口名称。
tos 服务位模式的类型。
tos掩码服务类型计算位。
状态启用/禁用此策略路由。
注释可选注释。
互联网服务标识目标因特网服务 ID.
因特网服务自定义目标因特网服务名称。

POP1 （1） # 结束
POP1 # 获取系统状态
版本： FortiGate-VM64 v7.2.3，build1262，221109 （GA.F)

Regards,

Shilpa1 · ‎07-07-2023

Hello Peter3,

Yes, you got it right.

Regards,
Shilpa C.P

View solution in original post

Shilpa1 · ‎07-07-2023

Hello,

Based on the information you provided, it seems that you are configuring policy routing, but you're unable to enable SLA (Service Level Agreement) monitoring. SLA monitoring allows the device to detect changes in the network of the next hop. Unfortunately, it appears that the Fortigate does not support SLA monitoring for policy routing.

You may refer to the below link for more details about SLA monitoring:
https://docs.fortinet.com/document/fortigate/7.2.3/administration-guide/584396/performance-sla

Regards,
Shilpa C.P

Peter3 · ‎07-07-2023

hi,Shilpa1

Thank you for your reply. I think SD-WAN rules seem to solve this problem. SD-WAN rules can define SLAs, right?

Regards,

Shilpa1 · ‎07-07-2023

Hello Peter3,

Yes, you got it right.

Regards,
Shilpa C.P

Peter3 · ‎07-07-2023

Many thanks!

Regards,