SD-WAN Explained and Configured

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
your sd-wan virtual interface can be used for different reasons one of them is to steer applications different applications either business pleasure anything to different when interfaces now you can do it using different methods you can do it manually you can do it based on cost you can do it based on maximum bandwidth and so on so let's do it using those three criterias all right so the use case is as follows we have two one interfaces one of them is probably faster than the other and we have two applications that we want to steer each to its own when interface the applications are netflix and twitch so we already have our interfaces configured now let's move to security profiles application control and let's create a new profile that will actually monitor and sense those application let's move to application and filter override and let's look for netflix let's just find netflix add selected and it will monitor not block the second application is twitch let's look for twitch there it is add selected okay so we have our sensor we have our uh security profile which will monitor those two apps that's the first step that will be applied to our firewall policy at the end all right now let's move to network sd-wan zones let's create a new zone let's name our zone streaming and let's create two members the uh let's just add them to our zone the first one is our when one we will not give it a cost not currently let's just um add up the gateway address all right and let's add another member which is our second one interface and its gateway ip is 2 254. all right so now we have a new zone which is our streaming zone we have two interfaces in it one one and one two all right so let's create now two new rules the first one is netflix the source address can be our lan subnet but we will use all and the application is netflix all right so let's choose netflix now our strategy will be manual that is we will choose manually the interfaces so when one will be the first choice and the second choice is when to now it is not based on quality that is in any case it doesn't depend on on our sla in any case it will use when one if when one has a connection issue it will drop to when two but it will always use when one that is the basic choice and as you can see you cannot actually choose any sla or any other uh criteria so that's the first choice and let's create the second rule and in our second rule twitch we will select all we will not select user group the application is twitch and again manual but this time we will choose when to and then when one so it will always move to when two if the connection drops for any reason it will move to when one all right so this was the manual way that's the very basic and simplistic way to assign one interface to an application so but now you can also add what is known as a performance sla that is a service level agreement between your photogate and its when interfaces as long as you stand in the sla target that is in terms of latency jeter packet lost you will be used so let's create an sla let's name it streaming now we can test our sla towards a specific server or we can just use ping towards google's dns server or any other server so let's just do that and add up google's dns server now the sla target will stay the same the link status in terms of interval and failure before inactive will stay the same let's keep that as our sla for streaming now let's get back to our sd-wan rules and create a new rule which will be named streaming shoe now let's choose our source address and the applications that we're dealing with again is twitch and netflix now we have configured our sla so let's now choose best quality let's just uh use those uh interfaces that's the measured sla which is this streaming now if there's a tie your photogate will actually choose the when interface with the list latency now you can choose different parameters such as jitter list packet loss and so on but we will use the list latency okay so that's our third rule we can of course play with the different rule uh position on our sd when table all right now let's move back to our sd-wan zones and let's edit the different members so let's edit when one and we can see that we have what is known as a cost now as long as the cost is lower the priority is higher so let's keep when one cost to zero zero is the highest priority and let's move and edit when choose cost two two all right now let's move back to our sd-wan rules and let's create a new rule let's name it streaming tree again source address is all application is twitch and netflix all right but this time the strategy is lowest cost that is your 48 will choose the best link according to the sla target now if there is a tie your fortigate will choose the link with the lowest cost so there it is we choose our two when interfaces we choose our required sla target but if there's a tie your photigate will actually choose the link with the lowest cost as we configured all right now the last thing to do is to assign your sd1 um as the static route so let's just edit this one and let's make our sd when as the static the default static route that's the first step and the second step is to create the policy the streaming policy with the incoming interface as our lan interface and the outgoing will be our streaming sd when interface so you're not choosing specific one interface you're choosing the sd1 interface source can be all destination can be all schedule and service again all but in application control don't forget to add up the streaming profile and that's about it
Info
Channel: Forti Tip
Views: 10,965
Rating: undefined out of 5
Keywords: fortigate, fortinet, training, online, support, nse4, cisco ccna, sd-wan explained, sd-wan lab, sd-wan eve-ng, sd-wan viptela, sd-wan palo alto, sd-wan orchestrator, sd-wan velocloud training, sd-wan شرح, sd-wan vmware, sd-wan control and data plane elements, fortigate sd wan configuration, sd wan 101, sd wan configuration, learn cisco ccna, learn routing
Id: D571I1Gy3z4
Channel Id: undefined
Length: 9min 11sec (551 seconds)
Published: Mon Apr 26 2021
Related Videos
What is SD WAN (and why it's replacing MPLS)
Steve Murphy
44K
SD-WAN Configuration for Internet Failover With Two Connections | WAN1 & WAN2 | FortiGate 80D
KBTrainings
28K
What is SD-WAN? say GOODBYE to MPLS, DMVPN, iWAN... w/ SDN, Cisco and Viptela
NetworkChuck
485K
Basic VLAN's, Zones and SDWAN Configuration
Forti Tip
2.9K
How to configure SD-WAN on Fortigate
ElastiCourse
13K
Fundamentals of SD-WAN
Kevin Wallace Training, LLC
208K
Securing SD-WAN: 5 Considerations
The CISO Perspective
9.2K
My FortiGate SDWAN Configuration and Some Use Cases
Fortinet Guru
40K
FortiOS 6.4.6 - SD-WAN - Route-Tag Overview
historiantech
1.7K
How to Use Gmail + Keep Notes + Google Calendar Together
Simpletivity
546K
Software-Defined WAN (SD-WAN) - Explained
Riverbed
273K
#4: FortiGate: Basic Config of the firewall | VLAN, WAN, DHCP, IPv4 Policies | My Home Network
KBTrainings
148K
Basic of Load balancing and Auto fail over with Dual ISPs in FortiGate Firewall EVE-NGN
Explore -360
4.4K
New Firewall: Configuration of WAN, WAN2, LAN, LACP, VLAN, SDWAN and on a FortiGate 60E
KBTrainings
109K
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.