Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 1 reply
  • Answers 1 answer
  • Subscribers 3 subscribers
  • Views 4949 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Configure multiple WAN traffic rule

StefanoColombo

HI ,

we are adding a new ISP provider to an SG310 firewall to be able to :

- split outgoing traffic by protocols and/or clients

- providing server publishing HA ( SMTP server published on both external IP )

 

so we did :

- added a new interface with the new public IP .

- Enabled Uplink balancing  , with the two interfaces

- created an UPLINK Group with the two external interfaces with the new one as first in the group

- created a multipath rule to test it as

 

however the Test PC is still natted with the original WAN interface

Do we miss something ?

thanks



This thread was automatically locked due to age.
Parents
  • 0

    Hi Stefano,

    you have to set "by interface" under ltf. persitence and then the desired interface.

    If you set this to by connection you have a round-robin mechanism that sets the actual outgoing interface.

    Here you can work with a weight mechanism in the uplink balacing tab.

    By default the persistence is set to one hour and weight is set to 100 of every external interface configured.
    So after an hour you have a 50:50 chance to get the same outgoing interface.

    I prefer the method with the persistence by interface so I can choose which is the outgoing interface.
    If you have not ticket skip interface rule by error no one can access the internet by your defined rule.

    Hopes this helps.

    Best Regards
    DKKDG

Reply
  • 0

    Hi Stefano,

    you have to set "by interface" under ltf. persitence and then the desired interface.

    If you set this to by connection you have a round-robin mechanism that sets the actual outgoing interface.

    Here you can work with a weight mechanism in the uplink balacing tab.

    By default the persistence is set to one hour and weight is set to 100 of every external interface configured.
    So after an hour you have a 50:50 chance to get the same outgoing interface.

    I prefer the method with the persistence by interface so I can choose which is the outgoing interface.
    If you have not ticket skip interface rule by error no one can access the internet by your defined rule.

    Hopes this helps.

    Best Regards
    DKKDG

Children
No Data
Unfiltered HTML