2 ISP (WAN 1 and WAN 2 ) USG FLEX 200

shopy95

I need to create two vlans on LAN 1

Vlan 1 -> bussines network --> WAN 1 but failover to WAN 2

Vlan 2 --> private network --> WAN 2 but failover to WAN 1

Can you help me on how these two Vlans should be configured?

Thanks in advance.

PeterUK

I would suggest not using VLAN1

So make some zones firsts for VLAN like VLAN2 and VLAN3 so that you have more control over firewall rules

Then make VLAN on base port LAN1 for VLAN2 and VLAN3 with given zones LAN IP like 192.168.20.1/24 and 192.168.30.1/24.

Make routing rules IN order
Incoming VLAN2 next hop WAN1 with advance ping check for that rule to ISP DNS server or what you like with Disable policy route automatically while Interface link down and Enable Connectivity Check I like to use check period 5 check timeout 1 check fail tolerance 2

Incoming VLAN2 next hop WAN2

Incoming VLAN3 next hop WAN2 with advance ping check for that rule to ISP DNS server or what you like with Disable policy route automatically while Interface link down and Enable Connectivity Check I like to use check period 5 check timeout 1 check fail tolerance 2

Incoming VLAN3 next hop WAN1

then make policy rules

VLAN2 to WAN1
VLAN2 to WAN2
VLAN3 to WAN1
VLAN3 to WAN2

shopy95

Can you kindly show me how to create policy rules? Thanks in advance.

PeterUK

Have you setup a switch with VLANs? what are the VLAN's

shopy95

I'm talking about how the vlans should be written in the usg flex 200 policy control

PeterUK

set up zones for VLAN1 and 2 then make VLAN on a given base port like LAN2 check your port role

make routing rules

have them in this order

then policy control if WAN is WAN1 and WAN2

shopy95

Many thanks.
Regards