
Sophos RED-Tunnel between two UTMs and two active Uplinks - Multipath Rules not working

Hi everybody,

we've got the following setup and I'm pretty sure that I've discovered a bug in UTM.

We've got an SG430 in the headquarters and SG115s in the branch offices.

In the headquarters we have two active wired internet connections for internet breakout (uplink balancing).

In the branch office we have a wired internet connection and additionally an LTE connection via an LTE modem attached to the firewall over network (ethernet).

We've configured two RED tunnels (in the branch office) which point to the public address(es) of the headquarters firewall.

The config is working so far and everything is fine - except the traffic flow. Here's the error / misbehaviour:

We've configured both internet connections in uplink balancing (wired: 100 percent, LTE: 0 percent).

Furthermore we've implemented two multipath rules (Any Source, Any Service, Destination: the public IPs of the HQ firewall) with an interface persistence bound to the wired connection of the branch office. The option "Skip Rule on Interface Error" is enabled. The aim is to have both connections active, but traffic should normally go through the wired connection and, in the event of a failure, switch to the LTE connection.

What happened with this setup in place is that both connections were used for RED traffic, although we tried to stick the traffic to the wired connection.

Therefore the traffic limit of the LTE connection was reached quite quickly and the performance broke down...

We've done a tcpdump on the interface where the LTE modem is connected and could see that the RED traffic goes through that interface.

Here's an example output of the dump:

16:01:06.287243 IP gw-xxx.yyy.com.redv2-data > zzz.yyy.com.redv2-data: UDP, length 116

Strange is that the headquarters firewall in RED Management says that both RED tunnels come from the public IP address of the wired connection of the branch office...

My question is, has anybody an idea how to solve this? Or any hint? - Or is it actually a case for the support...
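One way to quantify what the poster observed is to capture a few seconds of tcpdump on each uplink interface separately and count the RED tunnel packets (the `redv2-data` service name shown in the dump above) per interface. If the backup (LTE) interface carries any RED packets while the wired uplink is healthy, the interface persistence is not being honoured. The script below is an added example written for this thread, not code from the poster or from Sophos; the interface names `eth1` (wired) and `eth2` (LTE) and the dump lines other than the one quoted in the post are constructed sample data.

```python
import re
from typing import Dict, List, Tuple

# Pattern for the tcpdump summary line format seen in the post:
#   "<time> IP <src-host>.<sport> > <dst-host>.<dport>: UDP, length <n>"
# Host names contain dots, so the host part is matched non-greedily and the
# service/port part is the last dot-separated token before " >" or ":".
TCPDUMP_LINE = re.compile(
    r"^(?P<ts>\d{2}:\d{2}:\d{2}\.\d+)\s+IP\s+"
    r"(?P<src>\S+?)\.(?P<sport>[\w-]+)\s+>\s+"
    r"(?P<dst>\S+?)\.(?P<dport>[\w-]+):\s+UDP,\s+length\s+(?P<len>\d+)$"
)

# Constructed sample: one capture per uplink interface (e.g. "tcpdump -n -i eth2"),
# with the host names anonymised exactly as in the post.
SAMPLE_DUMPS: Dict[str, List[str]] = {
    "eth1": [  # wired uplink (interface name is an assumption)
        "16:01:06.287243 IP gw-xxx.yyy.com.redv2-data > zzz.yyy.com.redv2-data: UDP, length 116",
        "16:01:06.301000 IP zzz.yyy.com.redv2-data > gw-xxx.yyy.com.redv2-data: UDP, length 84",
        "16:01:06.310000 IP gw-xxx.yyy.com.ntp > time.example.net.ntp: UDP, length 48",
    ],
    "eth2": [  # LTE uplink (interface name is an assumption)
        "16:01:07.100000 IP gw-xxx.yyy.com.redv2-data > zzz.yyy.com.redv2-data: UDP, length 116",
        "16:01:07.150000 IP gw-xxx.yyy.com.redv2-data > zzz.yyy.com.redv2-data: UDP, length 132",
        "this line is not a tcpdump record and is skipped",
    ],
}


def red_packets_by_interface(
    dumps: Dict[str, List[str]], service: str = "redv2-data"
) -> Dict[str, Tuple[int, int]]:
    """Return {interface: (packet_count, total_payload_bytes)} for RED tunnel packets.

    A packet counts as RED traffic when either the source or destination
    service token equals `service`. Lines that do not parse are ignored.
    """
    stats: Dict[str, Tuple[int, int]] = {}
    for iface, lines in dumps.items():
        packets, nbytes = 0, 0
        for line in lines:
            m = TCPDUMP_LINE.match(line.strip())
            if not m:
                continue
            if service in (m.group("sport"), m.group("dport")):
                packets += 1
                nbytes += int(m.group("len"))
        stats[iface] = (packets, nbytes)
    return stats


def backup_carries_red(stats: Dict[str, Tuple[int, int]], backup_iface: str) -> bool:
    """True if the backup uplink saw any RED packets (persistence rule not effective)."""
    return stats.get(backup_iface, (0, 0))[0] > 0


def red_share(stats: Dict[str, Tuple[int, int]], iface: str) -> float:
    """Fraction of all RED payload bytes that went over `iface` (0.0 if no RED traffic)."""
    total = sum(b for _, b in stats.values())
    return stats.get(iface, (0, 0))[1] / total if total else 0.0


if __name__ == "__main__":
    s = red_packets_by_interface(SAMPLE_DUMPS)
    for iface, (pk, by) in s.items():
        print(f"{iface}: {pk} RED packets, {by} bytes")
    if backup_carries_red(s, "eth2"):
        print(f"WARNING: backup uplink eth2 carried {red_share(s, 'eth2'):.0%} of RED bytes")
```

Run the captures on the branch-office UTM while the wired uplink is up; any non-zero count for the LTE interface reproduces the symptom described above with numbers you can attach to a support case.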


