Adding destination-based routes to the – Fortinet FortiGate 50A User Manual

Page 101

Advertising
background image

Network configuration

Configuring routing

FortiGate-50A Installation and Configuration Guide

101

Adding destination-based routes to the routing table

You can add destination-based routes to the FortiGate routing table to control the
destination of traffic exiting the FortiGate unit. You configure routes by adding
destination IP addresses and netmasks and adding gateways for these destination
addresses. The gateways are the next hop routers to which to route traffic that
matches the destination addresses in the route.

You can add one or two gateways to a route. If you add one gateway, the FortiGate
unit routes the traffic to that gateway. You can add a second gateway to route traffic to
the second gateway if the first gateway fails.

To support routing failover, the IP address of each gateway must be added to the ping
server of the interface connected to the same network as the gateway. For information
about adding a ping server, see

“Adding a ping server to an interface” on page 97

.

To add destination-based routes to the routing table

1

Go to System > Network > Routing Table.

2

Select New to add a new route.

3

Type the Destination IP address and netmask for the route.

4

Add the IP address of Gateway #1.
Gateway #1 is the IP address of the primary destination for the route.
Gateway #1 must be on the same subnet as a Fortigate interface.
If you are adding a static route from the FortiGate unit to a single destination router,
you need to specify only one gateway.

5

Add the IP address of Gateway #2, if you want to route traffic to multiple gateways.

6

Set Device #1 to the FortiGate interface through which you want to route traffic to
connect to Gateway #1.
You can select the name of an interface or Auto (the default). If you select the name of
an interface, the traffic is routed to that interface. If you select Auto the system selects
the interface according to the following rules:
• If the Gateway #1 IP address is on the same subnet as a FortiGate interface, the

system sends the traffic to that interface.

• If the Gateway #1 IP address is not on the same subnet as a FortiGate interface,

the system routes the traffic to the external interface, using the default route.

You can use Device #1 to send packets to an interface that is on a different subnet
than the destination IP address of the packets without routing them using the default
route.

Advertising
Popular Brands
Popular manuals