Is SD-WAN incompatible with cluster?
I have a redundant configuration of watchguard with clusters.
I would like to run SD-WAN in this configuration, but the situation is as follows.
What are the possible causes?
Both member1 and member2 are connected to Trust and Untrust.
SD-WAN works by sticking WAN line to member2.
If I stick a WAN line to member1, I can't get out to the Internet.
Is SD-WAN incompatible with cluster?
0
Sign In to comment.
Comments
Both WANs must be connected to each cluster member.
Very much this, and is normally achieved with a VLAN capable switch where you allocate 3 ports per WAN link into an isolated/dedicated VLAN - one for each cluster member and one for the WAN link itself.
The cluster won't route outbound traffic via the cluster network (that sits between the cluster members) as that is solely for the cluster members to communicate to each other.
Does each cluster member need to be connected to the same WAN line, or is there any particular requirement for a WAN line?
Is there any particular requirement for a WAN connection?
Yes. BOTH WAN connections MUST be connected to BOTH firewalls.
Just like all internal LAN connections MUST be connected to BOTH firewalls.
Please read the docs on this.
If I connect a WAN line with static IP on member1 and PPPoE on member2, do I need to configure the WAN line using WSM instead of WebGUI?
I believe that the connection for this WAN on both members should be identical.
Please open a support case on this to get WG help in resolving your issues.