FortiGate WAN Link Monitor v5.4

You’ve set up your FortiGate and have multiple Internet providers. You are using basic failover between them and want to monitor the links to automate the failover, but you don’t want to set up SD-WAN or WAN LLB.

What you want is link-monitor, or what used to be called ping server detect.

With link-monitor set up, when the probe to the target fails, the routes for WAN1 are deleted and traffic goes to WAN2. When the probe to the target succeeds again, the routes for WAN1 are re-inserted.

Before you begin, make sure you have both of your WAN links set up and working. Check out the article below for setting up both of your WAN links.

FortiGate Dual ISP Failover both active v5.4

This has to be entered from the CLI; the code is below. I’m testing against www.google.com, and my WAN1 default gateway is 2.2.2.2 in this example.

    config system link-monitor
        edit 1
            set srcintf wan1
            set server www.google.com
            set gateway-ip 2.2.2.2
        next
    end

That’s it! To test it and see statistics for it, run the following command:

    dia sys link-monitor status

Of course, don’t forget to set up your NAT rules for both of your interfaces!
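The failover behaviour described above, as an added simulation that is not part of the original post and is not FortiOS code: it models the monitor deleting and re-inserting the WAN1 route as probe results arrive. The `failtime` and `recoverytime` thresholds are named after the link-monitor options of the same name; the counting logic, route distances and probe history are assumptions constructed for illustration.

```python
from dataclasses import dataclass


@dataclass
class LinkMonitor:
    """Simplified model of one link-monitor entry (assumed logic, not FortiOS code)."""
    srcintf: str = "wan1"
    failtime: int = 5       # consecutive lost probes before the link is marked dead
    recoverytime: int = 5   # consecutive replies before it is marked alive again
    alive: bool = True
    _fails: int = 0
    _oks: int = 0

    def probe(self, reply_received: bool) -> bool:
        """Feed one probe result; return True if the link state changed."""
        if reply_received:
            self._fails, self._oks = 0, self._oks + 1
            if not self.alive and self._oks >= self.recoverytime:
                self.alive = True
                return True
        else:
            self._oks, self._fails = 0, self._fails + 1
            if self.alive and self._fails >= self.failtime:
                self.alive = False
                return True
        return False


def simulate(probes, failtime=5, recoverytime=5):
    """Return the egress interface chosen after each probe result."""
    # Constructed routing table: lower distance wins, wan2 is the backup default route.
    routes = {"wan1": 10, "wan2": 20}
    mon = LinkMonitor(failtime=failtime, recoverytime=recoverytime)
    egress = []
    for ok in probes:
        if mon.probe(ok):
            if mon.alive:
                routes["wan1"] = 10   # routes for WAN1 are re-inserted
            else:
                routes.pop("wan1")    # routes for WAN1 are deleted
        egress.append(min(routes, key=routes.get))
    return egress


if __name__ == "__main__":
    # Constructed probe history: 2 replies, 6 losses, 1 stray reply, 1 loss, 5 replies.
    history = [True] * 2 + [False] * 6 + [True, False] + [True] * 5
    for i, (ok, intf) in enumerate(zip(history, simulate(history)), 1):
        print(f"probe {i:2d} {'reply' if ok else 'loss '} -> default route via {intf}")
```

In this model a single stray reply during an outage does not bring WAN1 back, and a short burst of loss below the threshold does not trigger failover.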
