FortiGate SD-WAN 多链路负载均衡
参考 https://blog.csdn.net/meigang2012/article/details/81298312
[c:\~]$ ssh admin@192.168.1.99 Connecting to 192.168.1.99:22... Connection established. To escape to local shell, press 'Ctrl+Alt+]'. WARNING! The remote SSH server rejected X11 forwarding request. FortiGate-40F # FortiGate-40F # get hardware status Model name: FortiGate-40F ASIC version: SOC4 CPU: ARMv8 Number of CPUs: 4 RAM: 1919 MB EMMC: 3662 MB(MLC) /dev/mmcblk0 Hard disk: not available USB Flash: not available Network Card chipset: FortiASIC NP6XLITE Adapter (rev.) FortiGate-40F # FortiGate-40F # get system status Version: FortiGate-40F v6.4.5,build1828,210217 (GA) Firmware Signature: certified Virus-DB: 88.00033(2021-07-31 14:20) Extended DB: 88.00033(2021-07-31 14:19) IPS-DB: 6.00741(2015-12-01 02:30) IPS-ETDB: 0.00000(2001-01-01 00:00) APP-DB: 6.00741(2015-12-01 02:30) INDUSTRIAL-DB: 6.00741(2015-12-01 02:30) Serial-Number: FGT40FTK20011324 IPS Malicious URL Database: 1.00001(2015-01-01 01:01) BIOS version: 05000003 System Part-Number: P24680-03 Log hard disk: Not available Hostname: FortiGate-40F Private Encryption: Disable Operation Mode: NAT Current virtual domain: root Max number of virtual domains: 10 Virtual domains status: 1 in NAT mode, 0 in TP mode Virtual domain configuration: disable FIPS-CC mode: disable Current HA mode: standalone Branch point: 1828 Release Version Information: GA System time: Thu Mar 24 19:39:08 2022 FortiGate-40F # FortiGate-40F # get system performance status CPU states: 0% user 0% system 0% nice 100% idle 0% iowait 0% irq 0% softirq CPU0 states: 0% user 0% system 0% nice 100% idle 0% iowait 0% irq 0% softirq CPU1 states: 0% user 0% system 0% nice 100% idle 0% iowait 0% irq 0% softirq CPU2 states: 0% user 0% system 0% nice 100% idle 0% iowait 0% irq 0% softirq CPU3 states: 0% user 0% system 0% nice 100% idle 0% iowait 0% irq 0% softirq Memory: 1965120k total, 566620k used (28.8%), 1211604k free (61.7%), 186896k freeable (9.5%) Average network usage: 18 / 4 kbps in 1 minute, 8 / 2 kbps in 10 minutes, 18 / 12 kbps in 30 minutes Average sessions: 8 sessions in 1 minute, 8 sessions in 10 minutes, 15 sessions in 30 minutes Average session setup rate: 0 sessions per second in last 1 minute, 0 sessions per second in last 10 minutes, 0 sessions per second in last 30 minutes Average NPU sessions: 0 sessions in last 1 minute, 0 sessions in last 10 minutes, 4 sessions in last 30 minutes Average nTurbo sessions: 0 sessions in last 1 minute, 0 sessions in last 10 minutes, 0 sessions in last 30 minutes Virus caught: 0 total in 1 minute IPS attacks blocked: 0 total in 1 minute Uptime: 0 days, 13 hours, 55 minutes FortiGate-40F #
1. 设置 【语言】为 简体中文 ,并 开启 【中央SNAT】
2. 修改接口角色并设置IP
3. 设置DNS地址
4. 将wan接口添加到SD-WAN成员中,可定义每条链路的Cost值
5. 设置【中央SNAT规则】
6. 修改防火中的流入流出策略
7. 添加【SD-WAN状态检查】规则
8. 修改状态检查超时时间
9. 添加【SD-WAN规则】
10. 设置【默认静态路由】
11. 查看SD-WAN状态
======== End