Create a Performance SLA in FortiManager that can be used to monitor the SD-WAN performance in FortiGate devices.
If all links meet the SLA criteria, the FortiGate uses the first link, even if that link isn’t the best quality. If at any time, the link in use doesn’t meet the SLA criteria, and the next link in the configuration meets the SLA criteria, the FortiGate changes to that link. If the next link doesn’t meet the SLA criteria, the FortiGate uses the next link in the configuration if it meets the SLA criteria, and so on.
- If using ADOMs, ensure that you are in the correct ADOM.
Go to Device Manager > Provisioning Templates > SD-WAN Templates.
- Double-click an SD-WAN template to open it for editing, or click Create New in the toolbar.
The SD-WAN template opens.
- In the Performance SLA toolbar, click Create New. The Create Performance SLA dialog-box opens
- Enter the following information, and click OK to create the performance SLA:
Enter the name of the performance SLA.
Select IPv4 or IPv6.
Select Active, Passive, or Prefer Passive.
Protocol Select the detection method for the profile check:
- TCP ECHO
- UDP ECHO
- TCP Connect
Server Click Add (+), and type the IP address of the health-check server. Participants Select available interface members or select All SD-WAN Members. The interfaces must already be added to the template.
Enable Probe Packets
Set Enable probe packets to enable or disable sending probe packets.
Click Add Target to add a new SLA. Enable and enter the Latency Threshold (in milliseconds), Jitter Threshold (in milliseconds), and Packet Loss Threshold (in percent), then click OK to create the SLA.
SLAs can also be edited and deleted as required.
Status check interval, or the time between attempting to connect to the server, in seconds (1 - 3600, default = 1).
Failure Before Inactive
Specify the number of failures before the link becomes inactive (1 - 10, default = 5).
Restore Link After
Specify the number of successful responses received before server is considered recovered (1 - 10, default = 5).
Action When Inactive
Specify what happens with the WAN link becomes inactive.
Update Static Route
Select to update the static route when the WAN link becomes inactive.
Select to cascade interfaces when the WAN link becomes inactive.
Expand to display the advanced options.
Hover the mouse over each advanced option to view a description of the option.
Set the options as desired.