14 external interfaces

Hi

I have an M590 with 8 interfaces built in and another module of 8 and 2 fiber ports.

My ISP gives me 2xx.xxx.xxx.xxx /28 = 14 IPs (for gateway and external interfaces).

M590 interfaces <---> 24 ports switch <---> ISP router Port

The switch does the link between my M590 external interfaces and my ISP router port. It is working fine, but the problem is that I will add another M590 for HA, and I will need another switch to complete the same setup with the second router.

My question:

Is it possible to link all external interfaces inside the WatchGuard and/or with VLANs to exit directly with one port to the ISP router port? 14 IPs out to 1 ISP router port?

Maybe the configuration is available inside the WatchGuard and I don't know how to do it, or that's only possible with a switch between my M590 and the ISP router.

I use SD-WAN to send and receive specific traffic to an external interface for firewall rules.

Thank you for your answer

Guy

Comments

  • Hi

    The solution is below.

    Answer from WatchGuard technical support: this is the way to do it.

    You would have to configure the single external interface with one public IP on the IPv4 tab and the rest of your usable IPs from the /28 subnet on the secondary tab. Then you would need to configure either network Dynamic NAT rules or set Policy-Based Dynamic NAT to set the source IP instead of using SD-WAN.

    SD-WAN is used to pick from multiple external interfaces but in this scenario you would have only one external interface with multiple IPs so SD-WAN would not be used anymore. For more details on using Network Dynamic NAT (DNAT) and Policy-based Dynamic NAT please see our documentation here:

    About Dynamic NAT Source IP Addresses

    https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/nat/nat_set_source_ip_c.html
