ZW USG20W-VPN don't disable policy routes on startup
Options
Hi all.
ZW USG20W-VPN with V5.10(ABAR.0) / 2021-09-23 22:23:04
3 vti interfaces (vti0, 1, 2) and 2 trunks vti with vti0,1 in active/active in WWR, vti_log with vti2 active WWR.
On vti enabled Connectivity Check.
2 Policy routes
1 to remote_lan2 via vti_log with enabled option "Disable policy route automatically while Interface link down"
2 to any via vti.
In trunk vti_log status vti2 in dead state, but route don't disable automatically
Why device don't disable routes with inactive interfaces?
Update: as i understand, ZW don't disable dead policy routes on startup. Only that it founds during work.
ZW USG20W-VPN with V5.10(ABAR.0) / 2021-09-23 22:23:04
3 vti interfaces (vti0, 1, 2) and 2 trunks vti with vti0,1 in active/active in WWR, vti_log with vti2 active WWR.
On vti enabled Connectivity Check.
2 Policy routes
1 to remote_lan2 via vti_log with enabled option "Disable policy route automatically while Interface link down"
2 to any via vti.
In trunk vti_log status vti2 in dead state, but route don't disable automatically
Why device don't disable routes with inactive interfaces?
Update: as i understand, ZW don't disable dead policy routes on startup. Only that it founds during work.
0
All Replies
-
Same thing on USG1100 with V4.70(AAPK.0). Routes with dead trunks don't disable.
On V4.65(AAPK.0) all works fine.
Update: other vti trunk with same settings was autodisabled.
As i understand, ZW don't disable dead policy routes on startup.
0 -
Hi @alexey
Lab test based on your description. i can see the the policy route change to disable status.
can you see alert log as below in Monitor > Log > View Log > Priority=alert ?
0 -
0
-
Right after reboot i can see this events
But vti1 sets in normal state after some time. vti0 & 2 in dead state
0 -
0
-
Hi @alexey,
We would like to conduct a lab test based on your configuration file. Can you send me your configuration file to me in private message.0 -
Hi @Zyxel_Cooldia
I sent conf file.0 -
Same issue on other test site with same device on same fw.It don't disable routes via disconnected vti interface and via trunk with 2 disconnected vti after reboot.When i create them - routes disabled.After reboot them enabled and them don't disabled during work.0
Categories
- All Categories
- 396 Beta Program
- 2.1K Nebula
- 117 Nebula Ideas
- 81 Nebula Status and Incidents
- 5.1K Security
- 86 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 69 Switch Ideas
- 916 WirelessLAN
- 34 WLAN Ideas
- 5.9K Consumer Product
- 211 Service & License
- 337 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 2K FAQ
- 912 Nebula FAQ
- 419 Security FAQ
- 237 Switch FAQ
- 207 WirelessLAN FAQ
- 46 Consumer Product FAQ
- 139 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 72 About Community
- 62 Security Highlight