USG110 - Fixed Zone Allocation to WAN Ports possible?
We've got a little lack of clarity. Since a few days we got a second internet connection, means both WAN ports are occupied right now where each connection has its own fixed IP address.
Now we got different opportunities to arrange a BWM between both, called "spillover", "weighted round robin" or "least load first". But this is not what we are intending to arrange. We would like to allocate different internal zones, like LAN1 and LAN2 to WAN1 while other zones, like DMZ should be allocated to WAN2. There should not be any kind of redundancy between the two WANs. In case one WAN is malfunctioning, the connected internal USG zones have no internet access.
But we don't find any options to arrange this behaviour. Is that even possible?
0
All Replies
-
You can force zones to use given WAN in routing rule from a given incoming interface to next hop.
0 -
Thanks Peter. We are always shying away from creating permanent routing rules. But maybe we should give it a try.In that case, do we have to use ROUTING > POLICY ROUTE with option enabled: "IPv4 Policy Routes to overwrite Direct Route"?0
-
Thanks Can,We've got different Security Policies in place to control not only the outgoing traffic to the internet, but also the traffic between different USG interfaces, for example from LAN2 to LAN1. If we set the "next hop" for LAN1/LAN2 to WAN1, is then any traffic between LAN1 and LAN2 prevented because it will be routed to WAN1 in any case?Or will the "next hop" only be applied for "internet" packets which are not identified as "local traffic" (private IPs of different USG zones)?0
-
Hi @USG_User,
You can check Routing Flow;
(Maintenance > Packet Flow Explore > Routing Status)If in your flow Direct Route comes before Policy Route, your LAN1-LAN2 traffic still works.
If it’s not, please make sure Use IPv4 Policy Route to Overwrite Direct Route checkbox is not checked.
(Configuration > Network > Routing > Policy Route > Advance)
0
Categories
- All Categories
- 415 Beta Program
- 2.3K Nebula
- 141 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.5K Security
- 216 USG FLEX H Series
- 262 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1K Wireless
- 39 Wireless Ideas
- 6.3K Consumer Product
- 243 Service & License
- 382 News and Release
- 81 Security Advisories
- 27 Education Center
- 8 [Campaign] Zyxel Network Detective
- 3K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight