WAN Failover - hopefully an easy question
LeBourreau
Posts: 1
in Security
I've got a USG60 and want to configure WAN failover in the case of the primary WAN interface going down. I am planning to do this using the Trunk Spillover method as described in: 
https://www.youtube.com/watch?v=jogTfujoHkI
My question is, does this method automatically fail BACK once the primary WAN is reestablished. If not, how does one make that happen / can it be automated?
Thank you!
Ben
https://www.youtube.com/watch?v=jogTfujoHkIMy question is, does this method automatically fail BACK once the primary WAN is reestablished. If not, how does one make that happen / can it be automated?
Thank you!
Ben
0
All Replies
-
Hi @LeBourreau,
Yes, you can enable "Disconnect Connection Before Falling Back" at "CONFIGURATION > Network > Interface".
1 -
I think this was not the question Cooldia. LeBourreau is asking whether USG is switching back to the primary WAN interface as soon as it's re-established after a fail.The answer is YES. We are using "spill-over" in our WAN trunk, consisting of 1 100 Mbit/s active line and another 50 Mbit/s inactive line.When the active line is failing, USG switches to WAN2 and as soon as WAN1 is available again, USG is switching back.USG is reporting the WAN1 failure by alert log, but unfortunately not the switching-back to WAN1 as soon as it's available again. Maybe Cooldia has a hint for adjusting the log settings in this regard.0
-
You choose the time period, so there is a period of hesitancy before it switches over initially, and then a stall also of your choosing before it switches back. This way you can make certain that it should be stable. Intermittent yet constant issues may require manual intervention until resolved (depending on you types of traffic). Depending on how you do it, failure to access your target sites could also cause false issues. Generally vary reliable. Ideally both are close to the same speed so users won't easily notice. Some Zyxel devices will allow you to do this with three lines.0
-
We just experiencing a internet failure on WAN1. USG has immediately switched over to WAN2 and has sent an email alert log stating that WAN1 interface is dead and related policy rules are disabled. So far so good. And we also know that USG is automatically switching back as soon as WAN1 is alive again.But why the (alert-)log doesn't state that USG has switched over to WAN2?And why the USG doesn't report (alert log) when USG is switching back to WAN1 as soon as WAN1 has reestablished and connectivity check of WAN1 succeeded again? These are important infos for the administrator.Or is there a log setting option available which I didn't find until now?0
-
Once the wan1 is back, it have log indicate that Wan 1 routing status is active by connectivity check.
After that, traffic from lan goes to Wan 1 interface for Internet access.
0 -
Hi Cooldia,Thanks for your reply and sorry for my imprecise wording.I didn't mean the entries within the USG log. They are ok.When talking about "alert logs", I meant email sent logs. We are not permanently logged-in into USG to watch the log screen.That's why important "alert-logs" have been adjusted to be sent by email to administrators. And while the death of WAN1 will be sent, the successfully switching-over to WAN2 or the re-establishment of WAN1 followed by re-switch back to WAN1 will not be sent and cannot be adjusted to be sent.0
-
USG_User said:Hi Cooldia,Thanks for your reply and sorry for my imprecise wording.I didn't mean the entries within the USG log. They are ok.When talking about "alert logs", I meant email sent logs. We are not permanently logged-in into USG to watch the log screen.That's why important "alert-logs" have been adjusted to be sent by email to administrators. And while the death of WAN1 will be sent, the successfully switching-over to WAN2 or the re-establishment of WAN1 followed by re-switching back to WAN1 will not be sent and cannot be adjusted to be sent.Hi Cooldia,Could you kindly give me a short response whether the alert notifications by email could be adjusted as described above?
0 -
Hi @USG_User,
Mail will be sent out when the log is alert level. Maybe you can try to attach USB stick for log archive if you want to keep all event log.0 -
Hi Cooldia,Again, I'm aware that mails will be sent out when log is set to alert level.And further, it's not helpfull that some log entries could only be saved on USB stick.We (administrators) are often outside the office without remote access to USB log of the USG. That's why it would be great when not only the WAN1 failure is reportable by alert log (means email notification). We are also interested to be immediately informed by email when USG is successfully switching over to WAN2, and later, successfully switching back to WAN1 as soon as it is available again. But it seems this is not adjustable in alert log settings. Could you countercheck this please?0
-
But Cooldia is correct about the session disconnect. If that box isn't checked, when WAN1 comes back up and it auto switches back, any existing connections will remain on WAN2, some of which can stay up a loooooong time. So it seems like it didn't fall back. We always check that box unless a client is using VoIP phones or some other connection critical application0
Zyxel Employee
Master Member
Ally Member
Categories
- All Categories
- 429 Beta Program
- 2.6K Nebula
- 163 Nebula Ideas
- 112 Nebula Status and Incidents
- 6K Security
- 350 USG FLEX H Series
- 291 Security Ideas
- 1.5K Switch
- 78 Switch Ideas
- 1.2K Wireless
- 42 Wireless Ideas
- 6.6K Consumer Product
- 261 Service & License
- 406 News and Release
- 87 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.8K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 82 Security Highlight
