The procedure to indicate specific traffic go through specific wan interface
Zyxel_Charlie
Posts: 1,034 
Zyxel Employee
Zyxel Employee
SCENARIO DESCRIPTION:
On the USG, what is the procedure to configure WAN 1 for all traffic except VPN traffic, and WAN 2 for VPN traffic without failover?
SETUP/STEP BY STEP PROCEDURE:
1. Create a VPN gateway and VPN connection based on WAN 2.
2. Ensure that both WAN 1 and WAN 2 are in the WAN trunk.
3. Add rule 1 and rule 2 in the policy route.
Rule 1 is used for routing VPN traffic. Next-Hop is the VPN Gateway.
Rule 2 is used for routing other traffic, except for the VPN traffic.
When WAN is down, even if WAN 2 is in the trunk, only IPSec VPN traffic will pass through the trunk. Other traffic will not go through WAN 2 because of the policy route rule 2.
VERIFICATION:
The following is the ping result when WAN is disabled.
Ping to the IP address of the remote VPN subnet 10.90.88.132 is OK.
Ping to IP address 8.8.8.8 is NOT OK.
Tagged:
0
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 144 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.6K Security
- 237 USG FLEX H Series
- 267 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.3K Consumer Product
- 247 Service & License
- 384 News and Release
- 83 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.2K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight