Routing issues with vdoms and dual ISPs

  • 1.  Routing issues with vdoms and dual ISPs

    Posted May 25, 2022 06:23 AM

    Hello,

    I am having issues getting this dual-ISP setup to work with vdoms.
    There are currently two vdoms in the virtual FortiGate: root & vdom-1.
    Each vdom has a separate ISP with different IP ranges.
    Traffic through ISP1 is directly NATed through the VIP described, and the default route is pointed towards ISP1.

    My issue is that when people connect to the VIP that is on ISP2, all traffic seems to route from the server out on ISP1 because of the default route.
    Is it possible to have a setup like this and utilize both ISPs to connect to the local server 172.0.10.17?

    This time around we need to source NAT everything coming in on ISP2 to the vlink-interface 10.0.0.1 for the traffic to return to ISP2.
    However, this is not a valid solution, as we need to see the original source IP logged on the server etc.

    It seems like the TCP sessions don't return the traffic from its original source when we do not use source NAT.
    Is there any way to solve this problem and use both ISPs for communication with the local server?