Force one host to use a specific external interface
Hi, I manage a Firebox (running 12.7) with two external interfaces, each from a different ISP. I'm currently trying to force the traffic from one host to use the external2 interface, but I cannot make it work. Any advice?
Comments
You can use SD-WAN to do this.
Set up an SD-WAN action to use the 2nd external interface, and set up specific policies for this specific IP addr, and apply the SD-WAN action on them.
Configure SD-WAN
https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/sd-wan/sd_wan_routing_configure.html
Hi Bruce_Briggs, thanks for the response. I followed that, and on step 7 I only added the desired External interface, but it doesn't seem to work; it is still going out through the default External interface. Any advice on what to check?
Maybe the rule is not applied to connections in progress; disconnect and reconnect users.
I'll try that, thanks!
Turn on Logging on this policy to see packets allowed by it in Traffic Monitor.
It worked as you described. Thank you very much.
Hello dimaslg,
What was the solution?
On the destination part I had it locked on two public IPs; changing it to ANY did the work.