The procedure to indicate specific traffic go through specific wan interface
Options
Zyxel_Charlie
Posts: 1,034 Zyxel Employee
SCENARIO DESCRIPTION:
On the USG, what is the procedure to configure WAN 1 for all traffic except VPN traffic, and WAN 2 for VPN traffic without failover?
SETUP/STEP BY STEP PROCEDURE:
1. Create a VPN gateway and VPN connection based on WAN 2.
2. Ensure that both WAN 1 and WAN 2 are in the WAN trunk.
3. Add rule 1 and rule 2 in the policy route.
Rule 1 is used for routing VPN traffic. Next-Hop is the VPN Gateway.
Rule 2 is used for routing other traffic, except for the VPN traffic.
When WAN is down, even if WAN 2 is in the trunk, only IPSec VPN traffic will pass through the trunk. Other traffic will not go through WAN 2 because of the policy route rule 2.
VERIFICATION:
The following is the ping result when WAN is disabled.
Ping to the IP address of the remote VPN subnet 10.90.88.132 is OK.
Ping to IP address 8.8.8.8 is NOT OK.
Tagged:
0
Categories
- All Categories
- 390 Beta Program
- 2.1K Nebula
- 116 Nebula Ideas
- 78 Nebula Status and Incidents
- 5.1K Security
- 51 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 70 Switch Ideas
- 907 WirelessLAN
- 34 WLAN Ideas
- 5.9K Consumer Product
- 210 Service & License
- 332 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 1.9K FAQ
- 880 Nebula FAQ
- 415 Security FAQ
- 220 Switch FAQ
- 195 WirelessLAN FAQ
- 46 Consumer Product FAQ
- 137 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 72 About Community
- 63 Security Highlight