Creating new WAN settings
When creating a profile, you can also create new WAN settings.
FortiGate 40F-3G4G model supports a special WAN interface for Wireless Wide Area Networks (WWAN). When you insert a 3G or 4G SIM card into the WWAN interface slot of the device, you can connect to the Internet by using telecommunication operators. If you add this type of FortiGate with WWAN enabled to SD-WAN Orchestrator MEA, a WWAN port is available for configuration.
To create new WAN settings:
- Go to Configuration > Profile.
The list of profiles is displayed.
- Create a new profile, or open a profile for updating.
The Profile <name> dialog box is displayed.
- Click the Network tab.
The Network pane is displayed. For a description of the options, see Network tab.
- Expand the WAN section, and click +Create New.
The WAN dialog box is displayed.
- In the Name box, type a name for the WAN settings.
- In the Port Type box, select the port, and complete the options.
Port Type
Description
VLAN
Select to configure a virtual interface.
Aggregate
Select to configure an aggregate virtual interface.
Hard_Switch
Select to configure a hardware switch. A hardware switch is a virtual switch interface that groups different ports together. FortiGate uses the group of ports as a single interface.
Supported FortiGate models have a default hardware switch called either internal or lan. The hardware switch is supported by the chipset at the hardware level. For example, the FortiGate 60E/61E series supports hardware switches.
Soft_Switch
Select to configure a software switch. A software switch is a virtual switch interface that is implemented at the software or firmware level and not at the hardware level. FortiGate uses the group of ports as a single interface.
Extender
Select to configure FortiExtender as a WAN port. See also Creating profiles with FortiExtender WAN ports.
- Complete the remaining options, and click OK.
Option
Description
Physical Port
Available when Port Type set to VLAN.
Select the port number.
Displays wwan for FortiGate 40F-3G4G models with enabled WWAN ports.
VLAN ID
Available when Port Type is set to VLAN.
Type an ID for the VLAN.
Enable SDWAN
Toggle on to enable the interface. Toggle off to disable the interface.
Interface Status
Available when Enable SDWAN is toggled OFF.
Overlay links are not initiated on a WAN port with the following settings:
- Enable SDWAN is toggled OFF.
- Interface Status is set to UP.
- Mode is set to STATIC.
However, overlay links can be established on VLAN ports that are based on the physical WAN port.
ISP Link
Available for edge devices when VPN Mode with Hub is set to SITE_TO_SITE on the General tab.
VPN Connect to Hub ISP Link
Available for edge devices when VPN Mode with Hub is set to SITE_TO_SITE on the General tab.
When configuring WWAN interfaces, select an LTE type of ISP link, such as DEFAULT_ISP_LTE_1. Any other setting will disable the wwan feature.
ADVPN
Available for edge devices when VPN Mode with Hub is set to DIAL_UP on the General tab.
On hub devices, select one of the following options:
- NONE - ADVPN is disabled. Edge devices from the same region will communicate with each other by forwarding packets through their region's hub.
- INSIDE_REGION - Shortcut tunnels are triggered by traffic and established only inside a region.
On edge devices, toggle ADVPN on to enable ADVPN. Toggle off to disable ADVPN.
Connected External VPN Gateway
Select an external VPN Gateway. See also Creating external VPN gateways.
Mode
Select a mode.
DNS Server Override
Toggle On to enable DNS server override.
Use VIP for VPN Connection
Toggle On to enable VIP mapping for the WAN port.
This feature allows overlay tunnels to be established when FortiGate devices are deployed on Cloud platforms, such as AWS, Azure, and on. It also helps establish overlay links between devices when both devices are behind a NAT gateway.
VIP Address
Available when Use VIP for VPN Connection is on.
Type the VIP address for the device. When enabled, tunnels are established with the VIP address instead of the intranet IP address.
If the FortiGate is deployed on a Cloud platform, contact the Cloud operator to obtain the public IP address .
Estimated Upstream Bandwidth
Leave the default value, or specify an estimated value.
Estimated Downstream Bandwidth
Leave the default value, or specify an estimated value.
Schedule Recurring Speed Test
Expand to display the Enable Schedule Speed Test option. See also Executing WAN port speed tests.
Enable Schedule Speed Test
Toggle On to display the schedule options for the speed test.
Schedule
Available when Enable Schedule Speed Test is toggled On.
From the list select a schedule for the speed test. See also Creating custom speed test schedules.
Auto Apply Speed Test Result
Toggle On to automatically apply speed test results to the to Estimated Upstream Bandwidth and Estimated Downstream Bandwidth options.
First Online Speed Test
Toggle On to run the speed test when the device first comes online.
Access Types
Select one or more types of access.
The WAN settings are created.
- If you set Port Type to Aggregate, open the WAN settings for editing, select interface members, and click OK.
Interface members are added to the WAN settings.