• Matt Sherif

Adding the default SLAs to a FortiGate upgraded to 6.2.1

If you've unboxed a new FortiGate and loaded 6.2.1 out of the box and started configuring SD-WAN, you probably noticed the cool new default SLAs that come with this version of code. The only limitation is that if you upgrade from 6.0.x to 6.2.1 - you won't get these.



The default SLAs can be handy for common web services


I suspect this is due to not wanting to overwrite any existing SD-WAN rules or SLAs you may already have. Fear not, I'm posting the config required to get these default SLAs, as many of them are useful out of the box.


config system virtual-wan-link
   config health-check
       edit "Default_Office_365"
           set server "www.office.com"
           set protocol http
           set interval 1000
           set recoverytime 10
           config sla
               edit 1
                   set latency-threshold 250
                   set jitter-threshold 50
                   set packetloss-threshold 5
               next
           end
       next
       edit "Default_Gmail"
           set server "gmail.com"
           set interval 1000
           set recoverytime 10
           config sla
               edit 1
                   set latency-threshold 250
                   set jitter-threshold 50
                   set packetloss-threshold 2
               next
           end
       next
       edit "Default_AWS"
           set server "aws.amazon.com"
           set protocol http
           set interval 1000
           set recoverytime 10
           config sla
               edit 1
                   set latency-threshold 250
                   set jitter-threshold 50
                   set packetloss-threshold 5
               next
           end
       next
       edit "Default_Google Search"
           set server "www.google.com"
           set protocol http
           set interval 1000
           set recoverytime 10
           config sla
               edit 1
                   set latency-threshold 250
                   set jitter-threshold 50
                   set packetloss-threshold 5
               next
           end
       next
       edit "Default_FortiGuard"
           set server "fortiguard.com"
           set protocol http
           set interval 1000
           set recoverytime 10
           config sla
               edit 1
                   set latency-threshold 250
                   set jitter-threshold 50
                   set packetloss-threshold 5
               next
           end
       next
   end
end

And that's all there is to it! Hope this was helpful. Thank you for reading.