Routing LAN1 to WAN1 LAN2 to WAN2

EMMEGI
EMMEGI Posts: 5  Freshman Member
First Comment Friend Collector Sixth Anniversary
edited August 5 in Security

Hi, I have a scenario like this with a USG Flex 100
I have 2 wan WAN1 and OPT_WAN2, WAN2 is currently configured as a backup line in Spillover
In case the primary WAN1 line does not work, WAN2 is activated
Up to this point everything works fine.
The problem arose when I had to route LAN1 to use WAN1 and LAN2 to use OPT_WAN2
I ask for help on where I am going wrong or how to perform this routing function. Thanks

Accepted Solution

  • zyman2008
    zyman2008 Posts: 219  Master Member
    25 Answers First Comment Friend Collector Seventh Anniversary
    Answer ✓

    Hi @EMMEGI ,

    To classify the scenario, is this you want ?

    LAN1 use WAN1 by default, if WAN1 is alive.

    If WAN1 has problem, then LAN1 can use WAN2 as backup link.

    LAN2 use WAN2 by default, if WAN2 is alive.

    If WAN2 has problem, then LAN2 can use WAN1 as backup link.

All Replies

  • PeterUK
    PeterUK Posts: 3,389  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary
    edited August 2

    As the manual says Passive is only used when Active is down

    You can do fail over with routing rules

    Disable policy route automatically while Interface link down
    Enable Connectivity Check

  • EMMEGI
    EMMEGI Posts: 5  Freshman Member
    First Comment Friend Collector Sixth Anniversary

    Thanks for your reply and help
    But maybe I explained myself badly.
    Failover works perfectly. My question was the following
    I find myself in front of a scenario with two WANs and two LANs
    I would like LAN1 to use WAN1 to navigate and LAN2 to use WAN2
    I would like to use WAN2 for customers who come to the company with their notebook which is a backup line that is only needed if WAN1 has problems. But when WAN1 has no problems WAN2 must only serve customers
    This is my problem

  • zyman2008
    zyman2008 Posts: 219  Master Member
    25 Answers First Comment Friend Collector Seventh Anniversary
    Answer ✓

    Hi @EMMEGI ,

    To classify the scenario, is this you want ?

    LAN1 use WAN1 by default, if WAN1 is alive.

    If WAN1 has problem, then LAN1 can use WAN2 as backup link.

    LAN2 use WAN2 by default, if WAN2 is alive.

    If WAN2 has problem, then LAN2 can use WAN1 as backup link.

  • EMMEGI
    EMMEGI Posts: 5  Freshman Member
    First Comment Friend Collector Sixth Anniversary

    Thanks for your reply and help
    But maybe I explained myself badly.
    Failover works perfectly. My question was the following
    I find myself in front of a scenario with two WANs and two LANs
    I would like LAN1 to use WAN1 to navigate and LAN2 to use WAN2
    I would like to use WAN2 for customers who come to the company with their notebook which is a backup line that is only needed if WAN1 has problems. But when WAN1 has no problems WAN2 must only serve customers
    This is my problem

  • EMMEGI
    EMMEGI Posts: 5  Freshman Member
    First Comment Friend Collector Sixth Anniversary

    Yes, the scenario is more or less what I would like
    but currently I would be interested in LAN2 using exclusively WAN2 because it is only a network for passing customers and therefore does not need priority in the event of a service failure. In any case, the scenario proposed above would be perfect

  • PeterUK
    PeterUK Posts: 3,389  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary
    edited August 2

    I would be interested in LAN2 using exclusively WAN2 because it is only a network for passing customers

    But if WAN 1 is fine the Passive WAN 2 will not work as said this is why you need use routeing fail over

    use system default trunk

    setup routing rules

    rule1

    incoming LAN1 next hop WAN1

    enable in advanced

    Disable policy route automatically while Interface link down

    Enable Connectivity Check to a IP like DNS 1.1.1.1

    rule2

    incoming LAN1 next hop WAN2

    rule3

    incoming LAN2 next hop WAN2

    enable in advanced

    Disable policy route automatically while Interface link down

    Enable Connectivity Check to a IP like DNS 1.1.1.1

    rule4

    incoming LAN2 next hop WAN1

    when ping is good LAN1 uses WAN 1 if ping check fail LAN1 uses WAN2

    when ping is good LAN2 uses WAN 2 if ping check fail LAN2 uses WAN1

  • zyman2008
    zyman2008 Posts: 219  Master Member
    25 Answers First Comment Friend Collector Seventh Anniversary
    edited August 2

    Hi @EMMEGI ,

    1. Keep the current WAN Trunk setting.

    2. Go to Routing > Policy Route, just add a policy route for LAN2 to WAN2.

  • EMMEGI
    EMMEGI Posts: 5  Freshman Member
    First Comment Friend Collector Sixth Anniversary

    There is no traffic on WAN2. Do you recommend restarting the firewall?

  • zyman2008
    zyman2008 Posts: 219  Master Member
    25 Answers First Comment Friend Collector Seventh Anniversary

    Hi @EMMEGI ,

    Check the settings of opt-wan2 interface.

    Make sure,

    (1) The type is external

    (2) The ZONE is WAN

    (3) With Gateway setting if the IP address is static.

Security Highlight