Hi, we need a solution for the following issue: We started with one WAN interface on our UTM 9. All incoming VPNs (site-to-site and client) are configured to it. China seems to now block this IP. We can’t bring up the site-to-site VPN or client VPNs to this IP. As a workaround we configured an additional interface as 2 nd WAN interface with a different IP from our WAN IP range. (unfortunately additional IPs on the WAN interface can’t be used as VPN endpoint). The site-to-site VPN from China comes up on this interface/IP. Now the problems start. The ISP router sometimes gets the wrong MAC for some of our IPs. So .. two WAN interfaces in the same network subnet/segment aren’t supported. Changing the IP on the primary WAN link is barely possible because of all the client VPNs we have out. Can someone advice on a different approach?

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Two WAN interfaces in the same subnet

INVERTO IT over 5 years ago

Hi,

we need a solution for the following issue:

We started with one WAN interface on our UTM 9. All incoming VPNs (site-to-site and client) are configured to it.
China seems to now block this IP. We can’t bring up the site-to-site VPN or client VPNs to this IP.
As a workaround we configured an additional interface as 2^nd WAN interface with a different IP from our WAN IP range. (unfortunately additional IPs on the WAN interface can’t be used as VPN endpoint). The site-to-site VPN from China comes up on this interface/IP.
Now the problems start. The ISP router sometimes gets the wrong MAC for some of our IPs.

So .. two WAN interfaces in the same network subnet/segment aren’t supported.

Changing the IP on the primary WAN link is barely possible because of all the client VPNs we have out.

Can someone advice on a different approach?

This thread was automatically locked due to age.

Parents

Reply

Children

No Data