PRI Setup - SDWAN configuration : Simply. Talk to your clients.

To setup PRI behind an SDWAN please follow the below steps in a step by step sequence:

On-premise SDWAN Confiugration:

Configure a Fortinet on-premise device with the basic Configuration (SDWAN, VPN Tunnels, and policy routes).
Untag a LAN port from the internal switch ports to be used for different Subnet.
Configure the LAN port to be used for the customer's local LAN uplink (172.16.10.0/24 Either on DHCP or point to point).
Configure the internal switch interface as 10.30.N.5/24 (To be used for PRI network)
Tag the Fortinet Wireless with the internal Switch (to be used for testing the reachability)
Create a new outgoing policy for the PRI subnet to go via the AWS Tunnel for MOR private IP.
Create the reverse policy for the PRI subnet to come via the AWS Tunnel.
Define the SDWAN policy route for MOR and define the VPN Tunnel.

PRI GW Configuration:

On AWS Fortinet Confiugration:

Configure the VPN tunnel for the new on-premise setup.
Configure the normal policies for the Ziwo SDWAN traffic.
Configure the static route for Ziwo SDWAN traffic.
Configure a new additional outgoing policy for the Ziwo PRI Subnet to be received from XYZ Tunnel and the outgoing interface should be marked as GSM-Transit GW NAT should be disabled (this rule should strictly be allowed for PRI subnet only).
Configure a new additional incoming policy for the Ziwo PRI Subnet to be received from GSM-Transit-GW Tunnel and the outgoing interface should be marked as XYZ VPN NAT should be disabled (this rule should strictly be allowed for PRI subnet only).
Whitelist the local PRI Subnet with a static route on the AWS VPC side.
Test the connectivity from the local PC connected behind the on-premise PRI subnet towards MOR private IP 10.50.1.10
Test the connectivity from MOR towards the local PC connected behind the SDWAN PRI Subnet.
Check the SIP endpoints connectivity on the PRI GW.

PRI Setup - SDWAN configuration Print