Virtual WAN interface or multiple WAN IP method
Master Member
I have a WAN connection with 5 available static IP addresses. I want to send guest traffic over a different IP than the business traffic. Can I create a virtual WAN and a policy route to do this?
When I try to create a new WAN interface I get a warning about multiple interfaces on a port group. I'm not sure if that means I need to enter a VLAN, but that gives me some confusion...
When I try to create a new WAN interface I get a warning about multiple interfaces on a port group. I'm not sure if that means I need to enter a VLAN, but that gives me some confusion...
0
All Replies
-
Hello TAPTech,One WAN port group only can have one WAN interface binding regardless it is a virtual WAN or not. It means you cannot add a new (Virtual) WAN interface in a WAN group which already bound to another WAN interface.
Is it the error message you meet? If not, please provide a screenshot of the error message and the settings of your WAN interface, thank you.
James0 -
Hi James,
Yes, that is the same error. I am used to my old USG60 series, where you could add a virtual interface to the existing WAN interface. What options do we have to route guest traffic over a different static IP in the same WAN interface? In this case, I have 5 static IP's available from the ISP.0 -
Hello @TAPTechNebula mode does not support that binding multiple WAN interfaces in one WAN group. In other words, each WAN Group can only have one WAN (virtual)interface.James0
-
Thank you James, I understand the limitation. Is there another method that you can think of, that can route traffic from a certain internal subnet over a different public static IP?0
-
I don't get why zyxel did Nebula if its not going to have all the options of standalone?0
-
Hello @TAPTechDo you mean by Policy Routing? Policy Route allows you to route a certain subnet to a specific WAN interface.
James0 -
Almost. I have WAN1 plugged into a fiber gateway/modem. I have 5 static public WAN IP's available. I want to route all outbound traffic from a certain internal subnet over one IP, and traffic from a different internal subnet over another IP. I could do this relatively easily with my USG60, non-nebula firewall.0
-
@TAPTech, could you provide your routing topology with a diagram? and what do you encounter when setting it up on Nebula? thank you.James0
-
I have the same issue : multiple WAN IP’s.
Inbound traffic should be able to NAT depending on witch IP is called.
IE:
1.1.1.1:443 NAT 192.168.1.43
1.1.1.2:443 NAT 192.168.254.43
How do I do this?
(On USG one just create virtual WAN-innerface and NAT them)
0 -
You can give the same subnet address in Virtual Server "public IP"
Firewall will do proxy ARP so traffic know where to send
0
Zyxel Employee
Guru Member
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 144 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.6K Security
- 237 USG FLEX H Series
- 267 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.3K Consumer Product
- 247 Service & License
- 384 News and Release
- 83 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.2K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight
