This post is about fixing a Starlink static route issue on a FortiGate firewall.
The issue appears when configuring Starlink on a FortiGate firewall: no matter how we configure the administrative distance and priority for the StarLink static route, one default configuration overrides the manual static route.
StarLink is the secondary internet link; it should only kick in when the primary link fails.
The StarLink “WAN” port is configured as DHCP on the Fortinet FortiGate firewall.
The primary link and the secondary (StarLink) link are both configured with manual static routes, but StarLink has a higher priority value.
No SD-WAN is involved here; we use “config system link-monitor” for internet failover.
1. Tried restarting the “routing” process via the CLI
execute router restart
2. Tried changing both “distance” and “priority”, no luck
3. Removed Starlink, and the primary works fine
4. Then found the magic command to view the routing table database in the Fortinet FortiGate firewall, and check out the THIRD static route with a short distance value!!!
get router info routing-table database
5. Look deeper at the StarLink interface, and here it is
1. Use the SD-WAN zone with each ISP as an SD-WAN member, then configure the “SD-WAN” rule for failover
2. Under the interface CLI, tweak the distance and priority values to the ones you want. Here I want it to have the same distance value as the primary link but a higher priority value (lower is preferred here)
After changing the priority value, we can see that the correct path is preferred.
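The interface-level fix from option 2, written out as FortiOS CLI. This is an added example, not configuration from the original post; the interface names (`wan1`, `wan2`), the gateway address and the distance/priority values are assumed placeholders.

```fortios
# Added example: names, addresses and values below are placeholders.

# Primary link: manual static default route.
config router static
    edit 1
        set gateway 203.0.113.1
        set device "wan1"
        set distance 10
        set priority 1
    next
end

# Starlink WAN in DHCP mode. The default route learned from DHCP takes its
# distance and priority from the interface settings, not from the entries
# under "config router static", so this is where they have to be changed.
config system interface
    edit "wan2"
        set mode dhcp
        # Same distance as the primary link's static route.
        set distance 10
        # Higher value than the primary link (lower is preferred).
        set priority 20
    next
end

# Verify: the database shows every candidate route, including inactive ones;
# the second command shows only the routes actually installed.
get router info routing-table database
get router info routing-table all
```

After a DHCP lease renewal, check the routing-table database again to confirm the route learned on the Starlink interface carries the new distance and priority.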