Re: Policy Based Routing
Are you saying that in order to use PBR on Fortigate, you need to match a PBR policy as well as matching a RIB entry with the DST IP header of the ingress packet? I found this in the Fortigate handbook:
In fact, the FortiGate almost always requires a matching route in the routing table in order to use a policy route.
This seems like a shame. I would ideally like to say "all packets received on IF X should route to IF Y" and vice versa. I would like to do this across 20 - 30 vdoms and not have to set up route peerings for each one.