Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[oxen91]

Hello

I have a DFL-800.

I want separate traffic via the WAN 1 and 2.

exemple for traffic to internet:

if : source 192.168.1.2 - destination 82.23.23.23 --> go wan2
if : source 192.168.1.5 - destination 90.25.25.25 --> go wan1

exemple for traffic from internet

if : source any - destination port 10625 from wan 2 --> 192.168.1.2 port 10625
if : source any - destination port 80 from wan 1 --> 192.168.1.5 port 80

the system must be securing. if the wan 1 is down, the wan 2 take all the traffic to internet.

exemple :

if : source 192.168.1.2 - destination 82.23.23.23 --> go wan2
if : source 192.168.1.5 - destination 90.25.25.25 --> go wan2 (because wan 1 is HS)

Can you help me to configure the rules and ip route.

Actually the firewall works only by the wan 1 port.

thinks for all.

[oxen91]

after a big reading, i succeeded the backup of the wan1 to wan2. i begin to works in the ip route rule for manage the traffic.

the fonctionnaly is very different of the fortigate or zywall firewall and the error is possible.

[oxen91]

It's possible to redirect the traffic by source ?

exemple for traffic to internet:

if : source 192.168.1.2 - destination 82.23.23.23 --> go wan2
if : source 192.168.1.5 - destination 90.25.25.25 --> go wan1

i've just test a rule in routing table /main

interface : wan2
network : all-nets
gateway : 192.168.10.1
local ip adress : 192.168.1.2
metric : 10

but the server 192.168.1.2 stay our traffic on the wan 1???


if you have a idea???

think's

[Fatman]

Use a secondary routing table and a routing rule to route traffic based on source or destination, interface, network, or service information.

[oxen91]

hello

think's for your response.

i've just create a new routing tables : (main2)

interface :wan2
network : wan2net
gateway : none
metric : 50

and

interface : wan2
network : all-nets
gateway : 192.168.10.1
metric : 50

i don't now if it's important to create 2 routings

and i create a routing rules

forward routing  : main2
return routing : main2
service ; all services
schedule : none

Source                              Destination
interface : lan                    interface : wan2
network : 192.168.1.2         network : all-nets

i'm test that but the traffic of the 192.168.1.2 stay in the wan1???

a idea?

thinks

[Fatman]

Make the return table main.

Make an interface group called WANs, include both WANs, and make that your destination interface on the routing rule.

[oxen91]

hello happy years 2010.

I don' t arrive to redirect the server traffic on the wan 2 and the overs pc on the wan 1

my routing table main :

1      Route      wan2      wan2net                 100     No     Direct route for network wan2net over interface wan2.
2     Route     wan2     all-nets     192.168.10.1         100    No    Default route over interface wan2.
3     Route     dmz     dmznet              100    No    Direct route for network dmznet over interface dmz.
4     Route     lan     lannet              100    No    Direct route for network lannet over interface lan.
5     Route     wan1     wan1net              100    No    Direct route for network wan1net over interface wan1.
6     Route     wan1     all-nets     192.168.1.1         100    No    Default route over interface wan1.
7     Route     wan1     all-nets     192.168.1.1         80    Yes    
8     Route     wan1     wan1net              80    Yes    
9     Route     wan2     wan2net              90    Yes    
10     Route     wan2     all-nets     192.168.10.1         90    Yes    
11     Route     wan2     192.168.0.0/24     192.168.10.1         10    No    

i want to redirect the server 192.168.255.1  traffic to internet to wan 2
over traffic to internet to wan 1

the traffic from internet to server 192.168.255.1 can arrive from wan 1 or wan 2.

description :

192.168.255.1 -----> internet -----> go wan 2
192.168.255.0/24 -----> internet ------> go wan 1
wan 1 or 2 -----> internet ftp -----> 192.168.255.1
wan 1 or 2 -----> internet web server -----> 192.168.255.1


if you can developed and describe the configuration...

think's for all

sorry for my english but i'm french user

[oxen91]

Hello

im' very confuse

it's not ok because the wan2 was down :-(
After reboot firewall and the router, it's ok now.

I'm create a 2nd ip route table with :

1      Route      wan1      all-nets      192.168.1.1           60     Yes     
2     Route     wan1     wan1net                              60    Yes    
3     Route     wan2     wan2net                              50    Yes    
4     Route     wan2     all-nets     192.168.10.1         50    Yes    
5     Route     lan     lannet                                      100    No

For force routing rules to go to wan 2

and i create a routing rule with :

Name:   
      
Forward routing table:   main2
Return routing table: main2   
Service: all_services
Schedule: none

           Source    Destination
Interface:   LAN              wangrp
Network:    server          all-nets
   
And before i create a interface group :

1         wangrp     wan1, wan2     

think's a lot Fatman for your information.

say me if you see an error in my configuration.

I work's now to create a DHCP server with static (mac adress --> ip).

 
     

[oxen91]

excuse me just a precision :

i want to test a rule with :

192.168.255.5 --> 8.8.8.8 -----> go wan2 (main2)
192.168.255.5 --> all -----> go wan1 (main)


Name: test
Forward routing table: main2
Return routing table: main 2
Service: all_tcpudp   
Schedule: none   

              Source          Destination
Interface:    lan                     wangrp
Network:  192.168.255.5    8.8.8.8
   
i'm test that but it's nok. my traceroute go to wan1

space no ?

[oxen91]

lol very sorry

after a reload of the firewall it's ok. i think if you touch the ip route of the firewall, it's very important for it to a full restart.