SDWAN and VLANs

I have several internet lines installed. I have always used multiwan for failover but thought I would use some of our extra external connections for different departments. During testing, setting up an SD-WAN policy to use one of these lines "appears" to work. If I check my external IP it's all fine and works as expected...

My problem, though, is that any devices that are using this other external interface can no longer communicate with any device on other VLANs. They are fine on their own VLAN and communicate with other devices fine, but everything else times out. Checking the firewall traffic log, it shows the connection going out via the external interface instead of simply routing directly.

Any idea what might be wrong with the setup? Surely the Firebox shouldn't try and route non-routable IPs via an external interface? I mean, the clue is in the name: it is called SD-WAN, not SD-LAN.

Comments

    Could be that you need 2 different policies - 1 for internal access & 1 for external access.
    SD-WAN should only be used on policies where the traffic is expected to go out an external interface.