Adding WAN interface removes active WAN interface from Default SNAT rule, taking network down

Question

Customer is installing a new ISP connection but will have the old one for a while as they have WAF to an internal server, and DNS pointing to current ISP PIP. Left Port2 configured as it was. WAN zone, with static IP info. Configured Port3 to be the new ISP connection. Then the network went down. DNS didn't work. All kinds of strange. Checked the NAT policy as traffic is not going out the Internet and sure enough, Port2 was removed and Port3 added. 
 Seems like a bug to me. We've experienced this before but not consistently. Is this an issue anyone else has faced? 
 XGS116 on 19.5.3.

Mostafa Fikry · Answer

The final fix for me was to disable/remove the "Default SNAT IPv4" which has a description of "Updated automatically with WAN interface changes." which sounds like a promise to break things and ruin your day, and create an identical NAT rule (I have it at the bottom of my NAT rules list) having the Outbound interface set to "Any" only this time updating interfaces won't change the Outbound interface in the manually created rule.

Adding WAN interface removes active WAN interface from Default SNAT rule, taking network down

Top Replies