usg flex 700 traffic randomly swapping outgoing interface

AndreasJuel
AndreasJuel Posts: 3  Freshman Member
First Comment Friend Collector
in Security

I have a USG Flex 700, that look to be randomly swapping the wan interface that it tries to route traffic thru, some times it goes thru the right port others it does not, tho only from one network and seemingly not to every destination ip,
i have been going thru the configuration to see if i could find anything about a fallback that might have been set up, but have not found anything.

does anyone happen to know where and what i should look for?


i should probably mention that this is a firewall i have taken over from a former colleague who did not leave any documentation on it, nor did he got thru it with me before leaving.

Accepted Solution

  • PeterUK
    PeterUK Posts: 3,690  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary
    Answer ✓

    You can make a routing rule to send traffic out the given WAN

All Replies

  • Zyxel_Judy
    Zyxel_Judy Posts: 2,019  Zyxel Employee
    Zyxel Certified Network Engineer Level 2 - Nebula Zyxel Certified Network Engineer Level 2 - Switch Zyxel Certified Network Engineer Level 2 - Security Zyxel Certified Network Engineer Level 1 - Nebula

    Hi @AndreasJuel ,

    Based on your description, we assume that your USG FLEX 700 is configured with the WAN traffic load balancing feature. Please refer to page 421 of the User Guide for details.

    USG FLEX 700_V5.38_Ed2.pdf

    If there is no related WAN traffic load balancing configuration, please share your USG FLEX 700’s configuration file with us so we can assist in checking.

  • PeterUK
    PeterUK Posts: 3,690  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary
    Answer ✓

    You can make a routing rule to send traffic out the given WAN

  • AndreasJuel
    AndreasJuel Posts: 3  Freshman Member
    First Comment Friend Collector

    @Zyxel_Judy the Trunk section just had the default trunk that the firewall came with,
    As @PeterUK meantioned makeing a Routing rule did semes to fix the issue, this was something i figured out my self yesterday before my post/question got thru the vetting process.
    to me it kinda looked like due to the firewall haveing 2 wan ports it just picked one at random to send the traffic thru despite one of them haveing been set up at a default GW, but adding a rule seemingly have fixed my issue, tho i still dont quite understand why it did not use use one of the wan ports and stuck with it.

  • PeterUK
    PeterUK Posts: 3,690  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary

    With the default trunk and no routing rules all WAN's are Active in Least Load First if your looking to do a fail over with routing rules you can have top rule
    incoming LAN1
    next hop WAN1
    Advance
    ping check to like 1.1.1.1
    bottom rule
    incoming LAN1
    next hop WAN2

Categories

Security Help Center

EnglishTiếng ViệtРусскийไทย中文(台灣)