FortiOS 5.6 Online Help Link FortiOS 5.4 Online Help Link FortiOS 5.2 Online Help Link FortiOS 5.0 Online Help Link

Home > Online Help

> Chapter 5 - Best Practices > Networking > Routing configuration

Routing configuration

  • Always configure a default route.
  • Add blackhole routes for subnets reachable using VPN tunnels. This ensures that if a VPN tunnel goes down, traffic is not mistakingly routed to the Internet unencrypted.

Policy routing

Keep the number of policy routes to a minimum to optimize performance in route lookup and to simplify troubleshooting.

Dynamic routing

  • Select a Router ID that matches an IP assigned to an interface. This avoids the likelihood of having two devices with the same router ID.
  • For routing over an IPsec tunnel, assign IP addresses to both ends of the tunnel.