The procedure to indicate specific traffic go through specific wan interface
Zyxel_Charlie
Posts: 1,034 
Zyxel Employee
Zyxel Employee
SCENARIO DESCRIPTION:
On the USG, what is the procedure to configure WAN 1 for all traffic except VPN traffic, and WAN 2 for VPN traffic without failover?
SETUP/STEP BY STEP PROCEDURE:
1. Create a VPN gateway and VPN connection based on WAN 2.
2. Ensure that both WAN 1 and WAN 2 are in the WAN trunk.
3. Add rule 1 and rule 2 in the policy route.
Rule 1 is used for routing VPN traffic. Next-Hop is the VPN Gateway.
Rule 2 is used for routing other traffic, except for the VPN traffic.
When WAN is down, even if WAN 2 is in the trunk, only IPSec VPN traffic will pass through the trunk. Other traffic will not go through WAN 2 because of the policy route rule 2.
VERIFICATION:
The following is the ping result when WAN is disabled.
Ping to the IP address of the remote VPN subnet 10.90.88.132 is OK.
Ping to IP address 8.8.8.8 is NOT OK.
Tagged:
0
Categories
- All Categories
- 431 Beta Program
- 2.6K Nebula
- 164 Nebula Ideas
- 112 Nebula Status and Incidents
- 6K Security
- 364 USG FLEX H Series
- 292 Security Ideas
- 1.5K Switch
- 78 Switch Ideas
- 1.2K Wireless
- 42 Wireless Ideas
- 6.6K Consumer Product
- 262 Service & License
- 407 News and Release
- 87 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.9K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 83 Security Highlight