The procedure to indicate specific traffic go through specific wan interface
Zyxel_Charlie
Posts: 1,034 Zyxel Employee
SCENARIO DESCRIPTION:
On the USG, what is the procedure to configure WAN 1 for all traffic except VPN traffic, and WAN 2 for VPN traffic without failover?
SETUP/STEP BY STEP PROCEDURE:
1. Create a VPN gateway and VPN connection based on WAN 2.
2. Ensure that both WAN 1 and WAN 2 are in the WAN trunk.
3. Add rule 1 and rule 2 in the policy route.
Rule 1 is used for routing VPN traffic. Next-Hop is the VPN Gateway.
Rule 2 is used for routing other traffic, except for the VPN traffic.
When WAN is down, even if WAN 2 is in the trunk, only IPSec VPN traffic will pass through the trunk. Other traffic will not go through WAN 2 because of the policy route rule 2.
VERIFICATION:
The following is the ping result when WAN is disabled.
Ping to the IP address of the remote VPN subnet 10.90.88.132 is OK.
Ping to IP address 8.8.8.8 is NOT OK.
Tagged:
0
Categories
- All Categories
- 339 Beta Program
- 2.1K Nebula
- 112 Nebula Ideas
- 75 Nebula Status and Incidents
- 5K Security
- 39 USG FLEX H Series
- 246 Security Ideas
- 1.2K Switch
- 64 Switch Ideas
- 882 WirelessLAN
- 32 WLAN Ideas
- 5.8K Consumer Product
- 204 Service & License
- 325 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 1.8K FAQ
- 810 Nebula FAQ
- 397 Security FAQ
- 214 Switch FAQ
- 190 WirelessLAN FAQ
- 44 Consumer Product FAQ
- 136 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 71 About Community
- 61 Security Highlight