D-Link Forums
The Graveyard - Products No Longer Supported => D-Link NetDefend Firewalls => Topic started by: oxen91 on December 30, 2009, 10:51:43 AM
-
Hello
I have a DFL-800.
I want to separate traffic across WAN 1 and WAN 2.
Example for traffic to the internet:
if : source 192.168.1.2 - destination 82.23.23.23 --> go wan2
if : source 192.168.1.5 - destination 90.25.25.25 --> go wan1
Example for traffic from the internet:
if : source any - destination port 10625 from wan 2 --> 192.168.1.2 port 10625
if : source any - destination port 80 from wan 1 --> 192.168.1.5 port 80
The system must be secured: if WAN 1 is down, WAN 2 takes all the traffic to the internet.
Example:
if : source 192.168.1.2 - destination 82.23.23.23 --> go wan2
if : source 192.168.1.5 - destination 90.25.25.25 --> go wan2 (because wan 1 is out of service)
Can you help me configure the rules and IP routes?
Currently the firewall works only through the WAN 1 port.
Thanks to all.
-
After a lot of reading, I succeeded in setting up the backup from WAN 1 to WAN 2. I am beginning to work on the IP routing rules to manage the traffic.
The functionality is very different from the FortiGate or ZyWALL firewalls, and errors are possible.
-
Is it possible to redirect the traffic by source?
Example for traffic to the internet:
if : source 192.168.1.2 - destination 82.23.23.23 --> go wan2
if : source 192.168.1.5 - destination 90.25.25.25 --> go wan1
I've just tested a rule in routing table /main:
interface : wan2
network : all-nets
gateway : 192.168.10.1
local ip address : 192.168.1.2
metric : 10
but the traffic of the server 192.168.1.2 stays on WAN 1???
Do you have any idea???
Thanks
-
Use a secondary routing table and a routing rule to route traffic based on source or destination, interface, network, or service information.
-
Hello
Thanks for your response.
I've just created a new routing table (main2):
interface :wan2
network : wan2net
gateway : none
metric : 50
and
interface : wan2
network : all-nets
gateway : 192.168.10.1
metric : 50
I don't know if it's important to create 2 routes,
and I created a routing rule:
forward routing : main2
return routing : main2
service : all services
schedule : none
            Source        Destination
interface : lan           wan2
network   : 192.168.1.2   all-nets
I tested that, but the traffic of 192.168.1.2 stays on WAN 1???
Any idea????
Thanks
-
Make the return table main.
Make an interface group called WANs, include both WANs, and make that your destination interface on the routing rule.
-
Hello, happy new year 2010.
I can't manage to redirect the server traffic to WAN 2 and the other PCs to WAN 1.
My routing table main:
1   Route  wan2  wan2net         -             100  No   Direct route for network wan2net over interface wan2.
2   Route  wan2  all-nets        192.168.10.1  100  No   Default route over interface wan2.
3   Route  dmz   dmznet          -             100  No   Direct route for network dmznet over interface dmz.
4   Route  lan   lannet          -             100  No   Direct route for network lannet over interface lan.
5   Route  wan1  wan1net         -             100  No   Direct route for network wan1net over interface wan1.
6   Route  wan1  all-nets        192.168.1.1   100  No   Default route over interface wan1.
7   Route  wan1  all-nets        192.168.1.1   80   Yes
8   Route  wan1  wan1net         -             80   Yes
9   Route  wan2  wan2net         -             90   Yes
10  Route  wan2  all-nets        192.168.10.1  90   Yes
11  Route  wan2  192.168.0.0/24  192.168.10.1  10   No
I want to redirect the internet traffic of the server 192.168.255.1 to WAN 2
and the other internet traffic to WAN 1.
The traffic from the internet to the server 192.168.255.1 can arrive from WAN 1 or WAN 2.
Description:
192.168.255.1 -----> internet -----> go wan 2
192.168.255.0/24 -----> internet ------> go wan 1
wan 1 or 2 -----> internet ftp -----> 192.168.255.1
wan 1 or 2 -----> internet web server -----> 192.168.255.1
If you could develop and describe the configuration...
Thanks for everything.
Sorry for my English, but I'm a French user.
-
Hello
I'm very confused.
It was not OK because WAN 2 was down :-(
After rebooting the firewall and the router, it's OK now.
I created a 2nd IP routing table with:
1  Route  wan1  all-nets  192.168.1.1   60   Yes
2  Route  wan1  wan1net   -             60   Yes
3  Route  wan2  wan2net   -             50   Yes
4  Route  wan2  all-nets  192.168.10.1  50   Yes
5  Route  lan   lannet    -             100  No
to force the routing rules to go to WAN 2,
and I created a routing rule with:
Name:
Forward routing table: main2
Return routing table: main2
Service: all_services
Schedule: none
            Source   Destination
Interface:  LAN      wangrp
Network:    server   all-nets
And before that I created an interface group:
1 wangrp wan1, wan2
Thanks a lot, Fatman, for your information.
Tell me if you see an error in my configuration.
I'm now working on creating a DHCP server with static (MAC address --> IP).
-
Excuse me, just a clarification:
I want to test a rule with:
192.168.255.5 --> 8.8.8.8 -----> go wan2 (main2)
192.168.255.5 --> all -----> go wan1 (main)
Name: test
Forward routing table: main2
Return routing table: main 2
Service: all_tcpudp
Schedule: none
            Source          Destination
Interface:  lan             wangrp
Network:    192.168.255.5   8.8.8.8
I tested that but it's not OK. My traceroute goes to WAN 1.
space no ?
-
LOL, very sorry.
After a reload of the firewall it's OK. I think that if you touch the IP routes of the firewall, it's very important to do a full restart.
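-
A simplified model of the lookup discussed in this thread, added here as an illustration (it is not D-Link's code or any poster's configuration): it shows why a routing rule whose destination interface is only wan2 is never matched, while the same rule with the wangrp interface group sends the server out of wan2 and still fails over. Assumptions: the destination interface used for rule matching comes from a first lookup in main, the narrowest matching route wins and the lowest metric breaks ties, routes on a failed monitored interface are skipped, and return tables and services are not modelled.

```python
import ipaddress
from collections import namedtuple

Route = namedtuple("Route", "iface network gateway metric")
# dst_ifaces is a set: one interface, or the members of an interface group.
Rule = namedtuple("Rule", "src_iface src_net dst_ifaces dst_net forward_table")

ALL_NETS = "0.0.0.0/0"  # stands in for the all-nets object

# Default routes and metrics as posted in the thread; direct routes omitted.
TABLES = {
    "main": [Route("wan1", ALL_NETS, "192.168.1.1", 80),
             Route("wan2", ALL_NETS, "192.168.10.1", 90)],
    "main2": [Route("wan1", ALL_NETS, "192.168.1.1", 60),
              Route("wan2", ALL_NETS, "192.168.10.1", 50)],
}
SERVER = "192.168.255.1/32"
RULE_WAN2_ONLY = [Rule("lan", SERVER, {"wan2"}, ALL_NETS, "main2")]
RULE_WANGRP = [Rule("lan", SERVER, {"wan1", "wan2"}, ALL_NETS, "main2")]

def contains(net, ip):
    return ipaddress.ip_address(ip) in ipaddress.ip_network(net)

def best_route(table, dst, down=()):
    """Narrowest matching route, then lowest metric; routes on an
    interface listed in `down` (failed monitoring) are skipped."""
    live = [r for r in TABLES[table]
            if r.iface not in down and contains(r.network, dst)]
    if not live:
        return None
    return min(live, key=lambda r: (-ipaddress.ip_network(r.network).prefixlen,
                                    r.metric))

def egress(rules, src_iface, src, dst, down=()):
    # Assumption: the destination interface used for rule matching comes
    # from a first lookup in "main", before any rule is considered.
    first = best_route("main", dst, down)
    if first is None:
        return None
    for rule in rules:
        if (rule.src_iface == src_iface and contains(rule.src_net, src)
                and first.iface in rule.dst_ifaces
                and contains(rule.dst_net, dst)):
            chosen = best_route(rule.forward_table, dst, down)
            return chosen.iface if chosen else None
    return first.iface

if __name__ == "__main__":
    print(egress(RULE_WAN2_ONLY, "lan", "192.168.255.1", "8.8.8.8"))
    print(egress(RULE_WANGRP, "lan", "192.168.255.1", "8.8.8.8"))
```

In this model the firewall must also have reloaded its routes for the result to hold on a real device, which is the behaviour the last post reports.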