Comments
-
Is firecluster synchronized between watchguard? It appears to be working without a virtual IP address set up. watchguard redundancy, I am also considering WAN redundancy (two separate WANs)
-
Can I configure PPPoE on a secondary wan address?
-
If I connect a WAN line with static IP on member1 and PPPoE on member2, do I need to configure the WAN line using WSM instead of WebGUI?
-
I do not understand. I replied that I understood the meaning of OK, not understanding. I am translating Japanese so sorry if there is a difference in interpretation.
-
Does each cluster member need to be connected to the same WAN line, or is there any particular requirement for a WAN line? Is there any particular requirement for a WAN connection?
-
I understand. Thanks for all the help you've given me.
-
On one PC, “https://gigafile.nu/” matched on gigafile.nu and SD-WAN was working. On another PC, “https://gigafile.nu/” did not match on gigafile.nu and SD-WAN was not working. I checked the “who is” for addresses matched by gigafile.nu and also matched FQDNs that are not gigafile.nu. Are these events also causing SD-WAN to…
-
Thank you. I guess I'll have to give up on SD-WAN at this point, or just specify one IP address at a time...
-
I just specified *.gigafile.nu and gigafile.nu in one policy and checked. However, the policy did not match and SD-WAN did not work properly. I do not know why 133-149-218-54.gigafile.nu does not match *.gigafile.nu.
-
Do I need to create policies in *.gigafile.nu and gigafile.nu respectively?
-
The actual site will be ↓. https://gigafile.nu/ Firewall Policy 1.secondary wan (protocol: ANY) 2. primary wan (protocol: ANY) The policy for secondary wan specifies the FQDN (*.gigafile.nu) and when the site is accessed, the traffic monitor will show the policy for secondary wan. Then when doing a file upload at the site,…
-
sorry. I wanted to know if SD-WAN works with a URL. That is why I asked the first question.
-
Thank you. Can I make SD-WAN work with HTTP proxy policy? If it can work, is the destination Any-External? Does the actual destination and interface refer to the SD-WAN action and URL path respectively?
-
Thank you! I changed the policy as you recommended and it works fine. What interface are you referring to by Any-External, I was under the impression that External specified two lines.
-
On policy 2, replace “To:Any-Untrusted,Untrusted” with “To:Any-external” and review the results. I guess I need to change the alias “Untrust” to “external” first.
-
There was also other traffic flowing ANY-out, each of the three policies specifying the protocol as any.
-
Sorry for the lack of explanation. I will give you the information on POLICY and interface. I assumed 2,Primary WAN with all traffic flowing to the specified interface... alias Optional-4(Secondary WAN) Untrust(Primary WAN) Untrust is configured for link aggregation with Optional-2 and Optional-3. Trust(LAN) policy…
-
Thanks for calling. I will write a more detailed POLICY. 1,Secondary WAN (any-Trusted ➞ pppoe(windows update etc ... )) 2,Primary WAN (any-Trusted to any-Untrust) 3,ANY-OUT (ant-Trusted to any-Untrust , pppoe) One part of the log will look like ↓. Allow 192.168.10.15 8.8.4.4 HTTP Protocol over TLS SSL 52271 443 Trust…
-
You've helped me figure it out, thank you.
-
Sorry. How can I check if SD-WAN is working properly? I checked the firewall policy to send logs but it did not show up in the traffic monitor.
-
Thanks for letting me know. I guess what I need to set up is something like this WAN1 Firewall policy SD-WAN action Link monitor target This configuration should be done for WAN2 as well. For SD-WAN, look at the firewall policy before routing, to the interface where the SD-WAN action for that policy is configured, policy…
-
Thanks for letting me know. I need to specify a Link monitor target to configure the SD-WAN action. Here you can specify ping or dns. Does the ping or dns I specify here actually specify the target I want to send to the other WAN that is not the primary in the SD-WAN?