Fortinet white logo
Fortinet white logo

Local out traffic using ECMP routes could use different port or route to server

Local out traffic using ECMP routes could use different port or route to server

Starting from version 7.4.1, when there is ECMP routes, local out traffic may use different route/port to connect out to server. For critical traffic which is sensitive to source IP addresses, it is suggested to specify the interface or SD-WAN for the traffic since FortiOS has implemented interface-select-method command for nearly all local-out traffic.

config system fortiguard
    set interface-select-method specify
    set interface "wan1"
end

Local out traffic using ECMP routes could use different port or route to server

Local out traffic using ECMP routes could use different port or route to server

Starting from version 7.4.1, when there is ECMP routes, local out traffic may use different route/port to connect out to server. For critical traffic which is sensitive to source IP addresses, it is suggested to specify the interface or SD-WAN for the traffic since FortiOS has implemented interface-select-method command for nearly all local-out traffic.

config system fortiguard
    set interface-select-method specify
    set interface "wan1"
end