watchguard routes

lp14_14lp14_14
edited April 2023 in Technical Discussion

Hi all, and thank you for reading. I am facing this issue:

n° 2 wan with order set in multi wan.

If i want to set a route it doesn't work and also it doesn't appear under all the routes in the SYSTEM STATUS -> routes ( this route is to reach a publick ip)
why ?

i set up another route that appear there and works. ( this route is to reach a private subnet )

thanks for your help
best regards

Comments

  • lp14_14lp14_14

    @Bruce_Briggs please can you help me :)

  • Bruce_BriggsBruce_Briggs

    Hard to help without more info.
    What is the device which has the Gateway IP addr?

    For the record, what firewall model do you have and what Fireware version is it running?
    Do you have an active support license on this firewall?

  • lp14_14lp14_14
    edited April 2023

    scenario :

    wan 1 - wan ip 192.168.100.2 wan gateway 192.168.100.1
    wan 2 - wan public ip 2.2.3.3 wan gateway 2.2.3.1

    if i setup wan 2 like primary but i set up also a route like this
    netmask 10.25.10.0/4 gateway 192.168.100.1 it works

    it i setup wan 1 like primary but i set up a route like this
    ip to get 2.5.5.100 gateway 2.2.3.1 it doesn't work
    and it doesn't appear under system routes

    it should work like this cause 2.2.3.3 has a bovpn up trought you can get the 2.5.5.100

    what there's wrong ?

    really thanks

  • Bruce_BriggsBruce_Briggs

    What does this mean? "if i setup wan 2 like primary "

    Is the /4 correct or a typo? "10.25.10.0/4"

    If you can get to 2.5.5.100 via the BOVPN, why do you want to add a Network Route?

  • lp14_14lp14_14
    edited April 2023

    What does this mean? "if i setup wan 2 like primary "

    • I mean I change the order in the multiwan section ..

    If you can get to 2.5.5.100 via the BOVPN, why do you want to add a Network Route?

    • i can get the ip addr correctly only when the wan involved in the bovpn is the first one in multiwan .. if it is the second i cannot

    Is the /4 correct or a typo? "10.25.10.0/4"

    • this is /24 but it doesn't really matter is only an example
  • Bruce_BriggsBruce_Briggs

    What Multi-WAN type have you selected?

  • Bruce_BriggsBruce_Briggs

    AND what Fireware version are you running?????????????/

  • lp14_14lp14_14

    multi wan is in failover.. but only when wan 2 is the primary accept a route to wan 1 and it works

    m200 firmware 12.5.7.b640389

  • Bruce_BriggsBruce_Briggs

    So it looks like you have not done the free upgrade to 12.5.9 Update 2 to address the Cyclops Blink issue.

    You should read the 12.5.9 Update 2 Release Notes and plan on upgrading to 12.5.9 Update 2.
    This version originally came out in Feb 2022.

    I have no idea why this is working this way. Perhaps the upgrade will change this.

  • Bruce_BriggsBruce_Briggs

    Should the problem exist after the upgrade, consider changing from Failover to Interface Overflow, and set up a SD-WAN action for your desired primary with the other as the backup.
    Then apply this SD-WAN action to all policies which you want to go out the primary.

    You can use WSM Policy Manager to make all of these changes prior to uploading the fully changed config to the firewall, and if things don't go well, you can have a backup of the prior config quickly available to upload to the firewall.

Sign In to comment.