USG110 - Losing internet connection when plugging in WAN2 line

Jovy83
Jovy83 Posts: 1
edited October 2021 in Security
Hi

We have a Zyxel USG110 as the router in our office. We have 2 lines: ISP line (data) and SIP provider line (voice only, no data). 

We currently have 2 LAN subnets: 
LAN1: 192.168.0.0/24 
LAN2: 192.168.21.0/24

Our ISP line is plugged into WAN1. SIP provider line is currently unplugged but it goes to WAN2.

In Network > Routing, we currently have 4 policy routes (also attached screenshot)
- Incoming=any excl ZyWall, Source=LAN1 subnet, Destination= WAN1 IP, Next-hop=wan1
- Incoming=any excl ZyWall, Source=LAN2 subnet, Destination= WAN1 IP, Next-hop=wan1
- Incoming=any excl ZyWall, Source=192.168.0.201, Destination= WAN2 IP, Next-hop=wan2
- Incoming=any excl ZyWall, Source=192.168.0.203, Destination= WAN2 IP, Next-hop=wan2



side note: 192.168.0.201 and 192.168.0.203 are IPs for our PABX which supposedly uses the WAN2 line.

With this current config, all our users in LAN1 and LAN2 are able to access the internet.

The issue comes in when we plug in the SIP provider line to WAN2. When SIP provider line is plugged into WAN2, all users in both LAN1 and LAN2 lose access to the internet. To add more details, I have a PC in LAN1. I can connect to this PC via Anydesk remote from an external location but said PC doesn't have outgoing / internet access when WAN2 is plugged is in.

When SIP provider line is unplugged from WAN2, internet connection is restored for all users in LAN1 and LAN2.

Anyone know the possible config error that's causing this? Appreciate any assistance on troubleshooting this issue and current router config.

Thanks.

All Replies

  • CHS
    CHS Posts: 177  Master Member
    First Anniversary 10 Comments Friend Collector First Answer
    You may have a check WAN2 IP address is any IP conflict to other interfaces.
  • mMontana
    mMontana Posts: 1,298  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    edited October 2021
    IMVHO I don't know if these routes make sense...
    Destination cannot be the WAN2IP, destination should be the ip addresses of your SIP providers.
    Because PABX 201 and 203 should look for the IP/IPs of the SIP provider (currently unprovided) and USG110 should route these requests to WAN2 as Next Hop. Maybe even only for... SIP traffic, not for whole internet (IDK, maybe PABX needs update from internet and/or remote support? also... maybe external extensions, if connected via IPSec/IAX)
    All other requests, no matter what, should be routed to WAN1 as next-hop.

Security Highlight