Dear Fortinet CommunityI am looking for more support of my New Feature Request within the FortiOS 6.4 Beta - NFR: Multiple SD-Interface in one VDOM instead one SD-WAN.
It would be good to have the possibility to have multiple SD-WAN Interfaces in one VDOM. – Maybe the right name would SD-Zone.
So, you can have one SD-WAN for the Internet-Traffic and one or multiple VPNs combined in a SD-VPN. At the ende everything is the same, it's a Software Defined Routing and Traffic Management.
The concept today is mixing WAN and VPN in one SD-WAN with the result of losing the clear structure. Without a clean structure you loosing the overview and you getting a worser security.
Please register yourself for the Beta Program and support this request.This will streamline the SD-WAN and brings back the clear view between WAN and VPN.To join the Beta Program you need a free Fortinet Developer Accounthttps://fndn.fortinet.net/index.php?/register/«All new accounts require two Fortinet Sponsors. Sponsors are Fortinet employees that can confirm your identity and validate your need for an FNDN account. Please enter emails of your Sponsors in the fields below."After the registration, confirmation and joining the Beta Program, please read and vote for my request.Beta => Beta Releases => Forumshttps://fndn.fortinet.net/index.php?/fortinetbeta/topic/253-nfr-multiple-sd-interface-in-one-vdom-instead-one-sd-wan/Thank you very much!
In FortiOS 6.4.1, SD-WAN member interfaces are grouped into SD-WAN zones. These zones can be used in firewall policies. Individual SD-WAN members can no longer be used directly in policies.
In the CLI:
config system virtual-wan-link
config system sdwan
diagnose system virtual-wan-link
diagnose system sdwan
next edit "overlay"
set interface "MPLS-VPN"
Previously, SD-WAN members could be used directly by policies. Upon upgrading to 6.4.1, an SD-WAN zone upg-zone-<interface-name> will be created for each member that is defined directly in a policy.Source: https://docs.fortinet.com/document/fortigate/6.4.1/fortios-release-notes/251225/sd-wan-zones