Fortinet black logo

Administration Guide

Manual strategy

In manual mode, no health checks are used. As a result, the decision making closer resembles logic than intelligence. SD-WAN manual rules are similar to regular policy-based routes, but have the added features of application-aware routing and BGP-tag routing. A manual strategy rule is comprised of the following parts:

  • Defining the interfaces to be used
  • Ordering the interfaces based on preference
To configure manual SD-WAN rules from the GUI:
  1. Go to Network > SD-WAN.
  2. Select the SD-WAN Rules tab, and click Create New.
  3. Set the following options to create a manual rule:

    NameType a name for the rule.
    Source(Optional) Specify a Source address and/or User group.
    DestinationSpecify the destination using an Address object or an Internet Service or an Application.
    Zone preference

    Specify one or more SD-WAN interfaces or zones.

    The order in which the interfaces or zones are specified determines their priority when the rule is matched.

  4. Set the remaining options as desired, and click OK to create the rule.
To configure manual SD-WAN rules from the CLI:
config system sdwan
    config members
        edit 1
            set interface "wan1"
        next
        edit 2
            set interface "wan2"
        next
    end
    config service
        edit 1
            set name "manual"
            set mode manual
            set priority-members 2 1
            set dst "DC_net"
            set hold-down-time 60
        next 
    end
end
Note
  • The command set mode manual will not appear in the configuration because it is the default mode.
  • The command set hold-down-time <integer> is an optional command that controls how long to wait before switching back to the primary interface in the event of a failover.

In manual mode, no health checks are used. As a result, the decision making closer resembles logic than intelligence. SD-WAN manual rules are similar to regular policy-based routes, but have the added features of application-aware routing and BGP-tag routing. A manual strategy rule is comprised of the following parts:

  • Defining the interfaces to be used
  • Ordering the interfaces based on preference
To configure manual SD-WAN rules from the GUI:
  1. Go to Network > SD-WAN.
  2. Select the SD-WAN Rules tab, and click Create New.
  3. Set the following options to create a manual rule:

    NameType a name for the rule.
    Source(Optional) Specify a Source address and/or User group.
    DestinationSpecify the destination using an Address object or an Internet Service or an Application.
    Zone preference

    Specify one or more SD-WAN interfaces or zones.

    The order in which the interfaces or zones are specified determines their priority when the rule is matched.

  4. Set the remaining options as desired, and click OK to create the rule.
To configure manual SD-WAN rules from the CLI:
config system sdwan
    config members
        edit 1
            set interface "wan1"
        next
        edit 2
            set interface "wan2"
        next
    end
    config service
        edit 1
            set name "manual"
            set mode manual
            set priority-members 2 1
            set dst "DC_net"
            set hold-down-time 60
        next 
    end
end
Note
  • The command set mode manual will not appear in the configuration because it is the default mode.
  • The command set hold-down-time <integer> is an optional command that controls how long to wait before switching back to the primary interface in the event of a failover.