Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[thmshllwg]

hi,
we try to configure the following setup on our dfl 800:
2 wan from 2 different isps (we´re switching isp)
3 webservers with different IPs connected for hosting with internal lan ips

Right now we have wan 1 functioning with our old isp. We tried to duplicate the configuration for wan 2.
This is not working although wan 1 connection is still ok.

Packets for wan 2 are dropped like this:
Warning RULE,  6000051, Default_Access_Rule, TCP, wan2, xx.115.40.yy, xx.14.225.yy, 32968, 80 , ruleset_drop_packet, drop

Any suggestions?
Thank you very much

[chechito]

PBR (policy based routing) is the solution

you have to create 2 routing tables:

1 for inbound connections from wan1 with a route to all nets interface=wan1 gateway=wan1_gw

2 for inbound connections from wan2 with a route to all nets interface=wan2 gateway=wan2_gw


create 2 routing rules:

1 for inbound connections from interface wan1 to wan1 ip forwarding main routing table and returning inb_wan1 routing table

2 for inbound connections from interface wan2 to wan2 ip forwarding main routing table and returning inb_wan2 routing table

create the corresponding sat and allow rules and its done

[thasteve]

can you give an example for the corresponding sat and allow rule?

[chechito]

the sat and allow rules are the less complicate thing in this scenario

i suggest you rtfm to avoid problems implementing this scenario

[thasteve]

nm i figured i had set wrong interface on routing rule