Tunnel Routing – Benchmark To guarantee a performance aggregation transferring TR packets, FortiWAN requires equal quality for the WAN links employed in a tunnel group. The Benchmark here provides evaluation of WAN link quality for every single tunnel. Tunnels are judged in run trip time, packet loss and bandwidth. It is not suggested to employ […]
How to set up routing rules for Tunnel Routing To perform Tunnel Routing, symmetric FortiWAN deployment is a basic requirement. Therefore, symmetric routing rules are also required for two-way data transmission. A routing rule here contains three basic elements that are What is the traffic to be transferred by Tunnel Routing? Tunnel Routing filter traffic […]
Short video answer to a question a user sent me about the best ways to block internet traffic for specific machines and devices.
Tunnel Routing – Setting There are two major steps to set up Tunnel Routing, define the association of tunnels (see the tables: Basic Setting and Tunnel Group) and set up the routing rules (see the tables: Default Rules, Routing Rules and Persistent Rules). Tunnel Routing works in symmetric FortiWAN sites, when the unit we are […]
Tunnel Routing Tunneling is a technique to perform data transmission for a foreign protocol over a incompatible network; such as running IPv6 over IPv4, and the transmission of data for use within a private, corporate network through a public network. Tunneling is done by encapsulating and decapsulating data and information of the particular protocol within […]
Configurations Auto-routing is a trunking technology that provides load balancing and fault tolerance for all outbound requests, but it does not apply to inbound requests. These are handled by a unique technology called SwiftDNS, a multihoming service which includes load balancing and fault tolerance for inbound requests. The minimum requirements for multihoming are networks must […]
DNSSEC Support The DNS Security Extensions (DNSSEC) is a specification that adds data authentications and integrity to standard DNS. To resist tampering with DNS responses, DNSSEC introduces PKI (Public Key Infrastructure) to sign and authenticate DNS resource record sets within the zone. A signed zone includes a collection of new resource records: RRSIG, DNSKEY and […]
Inbound Load Balancing and Failover (Multihoming) Multihoming Multihoming is a technique when external users request any server’s IP address; Multihoming promptly returns DNS response according to the link quality. This provides unmatched availability of bandwidth and load-balances incoming traffic across the multiple ISP lines. Simultaneously using multiple IP address provided by the ISP connections can […]