Dual-WAN addressing
(13 September 2012)
The management interfaces on ethernet0/0 are available now whenever the link on ethernet0/0 is up. The state of the PPPoE link does not affect availability.
this KB article)
Problem
I have two WAN interfaces from different ISPs. One is on ethernet0/0 and is static; one is on ethernet0/1 and is PPPoE. Both have default routes configured.When both interfaces are up, the firewall prefers to use the PPPoE link. When the PPPoE link drops, the firewall automatically starts using ethernet0/0 instead.However, I can only ping the IP on ethernet0/0 from the internet when the PPPoE link is down.(This is because the reply-packet to the ping request is routed out the preferred default route, but the PPPoE ISP will not route packets with a source IP address of the ethernet0/0 ISP.)Solution
Use this setting:set flow mac-cache mgt save
Discussion
I frankly have no idea why this works, I just know it does.(Source: JTAC, andthis KB article)
no comments |
post comment
Virtual Dave Megaplex:
- Home Page
- This wiki's start page
- Send Feedback To Dave
Logged in Users: (0)
Recently Changed
Check Internet Service Database Match- Device-Local Certificate Expired
- CLI Policy Lookup
- DH Selection For IPsec VPNs
- Scan For Newly Added Disk
- nmap
- Seconds Since Epoch to Local Time
- Link Monitor
- DH group to OAKLEY_GROUP table
- Fire Eater
- start
- FortiClient Error Codes
- dhparams Generation
- SSL Certificate Bundles
- ufw
- Grow A LVM Partition
- Creating Users
- whoami
- list databases
- 2023
- 2022
- 2019
- 2018
- 2017
- 2011
- 2010
- 2008
- 2001
- 2000
- 1999
Editing: snipsnap-help, Image Macro(Et auditum est, et idcirco ego nunc simulare)
This is a collection of techical information, much of it learned the hard way. Consider it a lab book or a /info directory. I doubt much of it will be of use to anyone else.