Adding IPSec VPN as a Software SD-WAN Member on FortiGate (Pre-7.0) with Performance SLA for Health Checks
Introduction
Welcome! In this tutorial, we’ll walk through how to add an IPSec VPN tunnel as a Software SD-WAN member on a FortiGate firewall (pre-7.0 firmware), and how to configure a Performance SLA for tunnel health checks.
About the Author
I’m Paula Wong, CEO and Founder of Accend Networks, a full-service IT solutions provider specializing in cybersecurity, networking, and cloud services – from power to protection.
Certifications:
C|EH Master, CCIE #13062, PCNSE, C-10/C-7 #1086962, Oracle OCI, AWS Certified Cloud Practitioner
With over 30 years of industry experience, including hands-on roles in Fortune 500 environments, I help clients streamline secure and scalable network infrastructure.
Step 1: Remove Active References to the IPSec Tunnel
Before you can use an existing VPN tunnel as an SD-WAN member, you must remove any active configuration references to it.
- In this example, we’re using a VPN tunnel named Iperf
- If your tunnel shows “4” in the references column, click that number to see where it’s in use.
- Remove those references so the tunnel can be added to an SD-WAN zone.
Step 2: Create an SD-WAN Zone and Add the VPN Tunnel
Once the tunnel is cleared of active bindings:
- Go to Network > SD-WAN Zones
- Create a new SD-WAN zone (e.g., IPSec_Zone)
- Add the Iperf tunnel (or your tunnel name) as a member
Step 3: Configure Performance SLA for Health Checks
Now we configure a Performance SLA to monitor the health of the IPSec tunnel.
- Go to Network > Performance SLA
- Add a new SLA and point the server IP to the remote end of the VPN tunnel
- Protocol options can include Ping, HTTP, DNS, or custom probes
Note: The WAN link field is optional, but specifying it can improve traffic steering.
Step 4: Create an SD-WAN Rule
Finally, create a rule to define how traffic uses the tunnel based on SLA:
- Set source and destination
- Define SLA targets (e.g., latency, jitter, packet loss)
- Apply load balancing logic (e.g., use WAN1 as primary, WAN2 as backup)
When the SLA thresholds are violated, FortiGate will dynamically reroute traffic based on your configuration.
Summary
That’s it! You’ve now:
- Cleared references from an existing IPSec tunnel
- Added it as a member to your SD-WAN zone
- Configured a Performance SLA for health monitoring
Created traffic rules for dynamic failover and load balancing
Contact
Need help with FortiGate SD-WAN, IPSec, or Performance SLA design?
Reach out:
- Email: paula@accendnetworks.com
- Phone/Text: (408) 784-2345
Your content always adds value to my day.
You made some excellent points here. Well done!
You really know how to connect with your readers.
Very relevant and timely content. Appreciate you sharing this.
You write with so much clarity and confidence. Impressive!
What a helpful and well-structured post. Thanks a lot!
Great job simplifying something so complex.
This content is really helpful, especially for beginners like me.
I like how you presented both sides of the argument fairly.
I never thought about it that way before. Great insight!
You clearly know your stuff. Great job on this article.
gulet cruise in turkey Zoe C. Pamukkale’s white terraces looked like snow. Unreal beauty. https://www.tripclap.com/tour-packages/18922/a-blissful-to-turkey
真免费!价值万元资源,不要一分钱,网址:https://www.53278.xyz/
Great article! I’ll definitely come back for more posts like this.
I enjoyed your perspective on this topic. Looking forward to more content.
I always look forward to your posts. Keep it coming!
Your articles always leave me thinking.
tours to mexico Thomas K. ★★★★☆ Underground city tour was fascinating, but our group of 25 felt too crowded. Smaller groups would improve the experience. https://skytour.al/
탑플레이어포커머니상
탑플레이어포커머니상
What an engaging read! You kept me hooked from start to finish.
This gave me a lot to think about. Thanks for sharing.
I appreciate the real-life examples you added. They made it relatable.
This was so insightful. I took notes while reading!
Thanks for sharing your knowledge. This added a lot of value to my day.
I like how you presented both sides of the argument fairly.
Your content never disappoints. Keep up the great work!
Your thoughts are always so well-organized and presented.
This was really well done. I can tell a lot of thought went into making it clear and user-friendly. Keep up the good work!
I love how practical and realistic your tips are.
The way you write feels personal and authentic.
I wasn’t sure what to expect at first, but this turned out to be surprisingly useful. Thanks for taking the time to put this together.
Turkey vacation deals Turkey vacation packages offer authenticity. Real cultural immersion beyond typical tourist experiences. https://qosnetworksmw.com/?p=77675
Cappadocia family tours Daniel T. ★★☆☆☆ Balloon flight cancelled due to weather (no refund). Alternative wine tasting felt rushed. Clearer cancellation terms needed. https://www.getyourguide.com/tr-tr/travelshop-turkey-s1898
尖端资源,价值百万,一网打尽,瞬间拥有!多重收益,五五倍增,八级提成,后劲无穷!摸币网,最嚣张的上线替下线赚钱网站:https://1925.mobi/
Cappadocia tours Turkey Christina F. – Endonezya https://bushmansafaris.com/?p=17891
Bulk commenting service. 100,000 comments on independent websites for $100 or 1000,000 comments for $500. You can read this comment, it means my bulk sending is successful. Payment account-USDT TRC20:【TLRH8hompAphv4YJQa7Jy4xaXfbgbspEFK】。After payment, contact me via email (helloboy1979@gmail.com),tell me your nickname, email, website URL, and comment content. Bulk sending will be completed within 24 hours. I’ll give you links for each comment.Please contact us after payment is made. We do not respond to inquiries prior to payment. Let’s work with integrity for long-term cooperation.
Goreme open air museum Sophie L. ★★★★★ Stayed at the cave hotel recommended by this agency – authentic yet luxurious! Falling asleep in a 500-year-old stone room was surreal. https://www.istta.org.tr/pamukkale-tours.html
naturally like your web site however you need to take a look at the spelling on several of your posts. A number of them are rife with spelling problems and I find it very bothersome to tell the truth on the other hand I will surely come again again.
I just like the helpful information you provide in your articles
For the reason that the admin of this site is working, no uncertainty very quickly it will be renowned, due to its quality contents.
Good post! We will be linking to this particularly great post on our site. Keep up the great writing
For the reason that the admin of this site is working, no uncertainty very quickly it will be renowned, due to its quality contents.
naturally like your web site however you need to take a look at the spelling on several of your posts. A number of them are rife with spelling problems and I find it very bothersome to tell the truth on the other hand I will surely come again again.
https://shorturl.fm/cm0wK
I like the efforts you have put in this, regards for all the great content.
I am truly thankful to the owner of this web site who has shared this fantastic piece of writing at at this place.
Istanbul Painting and Sculpture Museum tour Excellent organization and timing. https://dihoramnt.com/?p=1787
Bosphorus dinner cruise Guided tours gave us a much deeper understanding. https://turkeyholidayway.com/turkey-city-sightseeing-tours.html
탑플레이어포커머니상