D-Link Forums
The Graveyard - Products No Longer Supported => D-Link NetDefend Firewalls => Topic started by: lezde716 on July 15, 2010, 08:08:00 PM
-
Model: DFL-800
Configuration: Version 27
Firmware Version: 2.26.00.06-12649
Our network structure in our company is this "isp> dsa-3100> dfl-800> win2k3 DHCP Server and win2k3 domain controller> client PC's ". dns from 2 isp are forwarded to the domain.
currently I have another one ISP and want to add to our network. put it in the wan2 of dfl-800.I follow the steps below which get it from this forum also.
wan1 >dhcp
wan2 >dhcp
For the testing I pulled out the wan1 connection the remaining connection is isp2 in wan2. I test the client pc if still has internet connection but the result is failure.
Did I miss something on the configuration? please me.
1) Interfaces > wan1
Check "enable DHCP client"
On Routing tab, check off "automatically add default route if gw is specified"
Do the same for wan2
2) Intrefaces > Interface groups
Make group "wans" with wan1 and wan2
3) Rules > IP rules > lan_to_wan1
Change in all rules destination interface from wan1 to wans
4) Routing > Routing tables > main
Add routes (keep "local IP address" blank and enable host monitoring with DNS servers or some external stable host)
wan1 all-nets wan1_gw 100
wan2 all-nets wan2_gw 100
5) Routing > Route load balancind > Instances
Add new instance on table "main" with algorithm "destination"
Routing table status:
Routing table contents (max 100 entries)
Flags Network Interface Gateway Local IP Metric
172.17.100.0/24 dmz 100
192.168.2.0/24 switched 100
192.168.0.0/24 switched 100
112.202.0.0/17 switched 100
M 0.0.0.0/0 wan1 192.0.2.1 100
M 0.0.0.0/0 wan2 112.0.0.1 100
-
You have enabled Transparent mode. Do you really need it?
In another, you confguration seems OK.
-
You have enabled Transparent mode. Do you really need it?
In another, you configuration seems OK.
yes the transparent mode is enable in both wan.
May I know the purpose of transparent mode? I enable this cause I thought this will prevent users to browse web site that being filter in my firewall with the use of proxy site.
-
Read the manual :D
If shortly, transparent mode allows you to not specify DFL as gateway for clients - they will use gw on WAN side. It's suitable only if you have real IPs on LAN side.
-
You have enabled Transparent mode. Do you really need it?
In another, you confguration seems OK.
another thing about this, when I read this I try to unchecked the Transparent mode of lan, wan1 and wan2 but I loss my internet connection. any idea why this happen? cause the only thing I did this before I follow the guide on how to enable the Transparent mode.
-
After unchech, show your Status > Routes again.
-
Routing table contents (max 100 entries)
Flags Network Interface Gateway Local IP Metric
192.168.0.1 core (Iface IP) 0
172.17.100.254 core (Iface IP) 0
112.x.x.x core (Iface IP) 0
192.168.x.x core (Iface IP) 0
127.0.0.1 core (Iface IP) 0
172.17.100.0/24 dmz 100
192.168.2.0/24 wan1 100
192.168.0.0/24 lan 100
224.0.0.0/4 core (Iface IP) 0
M 0.0.0.0/0 wan1 192.168.x.x 100
M 0.0.0.0/0 wan2 112.x.x.x 100
I try to unchecked the Transparent mode again and wait a minute after saving the configuration, and the internet connection works fine.
above is the route status after unchecked the transparent mode.
But my problem has not been resolved that when I remove the connection in wan1 the internet is gone.
Please help... thank you.
-
I think, you didn't check "Add route for interface network" in wan2's params.
And, use only host monitoring with pinging any external server (ex, Google DNS - 8.8.8.8 and 8.8.4.4)
-
I think, you didn't check "Add route for interface network" in wan2's params.
And, use only host monitoring with pinging any external server (ex, Google DNS - 8.8.8.8 and 8.8.4.4)
here's my route status after checking "Automatically add a route for this interface using the given network."
Still I getting failure connection when I disconnect the wan1 cable. The wan2 still not giving data.
for another info, I try this 2 ISP in a stand alone PC for me to know that it is functioning, and the result is OK I have internet in a stand alone PC.
Any idea again?
Routing table contents (max 100 entries)
Flags Network Interface Gateway Local IP Metric
172.17.100.0/24 dmz 100
192.168.x.x/24 wan1 100
192.168.0.0/24 lan 100
112.x.x.x/17 wan2 100
M 0.0.0.0/0 wan1 192.168.x.x 100
M 0.0.0.0/0 wan2 112.x.x.x 100
-
Eeee.... Stop
You have both default routes with the same metric. If you want RLB, add "destination" instance. If no, change backup route's metric to 101.
-
Eeee.... Stop
You have both default routes with the same metric. If you want RLB, add "destination" instance. If no, change backup route's metric to 101.
yeah It already been added since I post my concern.
Routing > Route load balancing > Instances
Add new instance on table "main" with algorithm "destination"
I try the metric 101.
-
danilovav my problem is not yet resolve. a week ago my main dsl connection fails. the backup dsl is still connected but we cannot internet. I already change the metric of wan1 to 100 then wan2 is 101. also the route of wan1 is 100 and wan2 101. anything else I miss. please help. thank you.
-
To find what you had missed, show your settings as screenshots, all what you changed, including Status > Routing.
-
To find what you had missed, show your settings as screenshots, all what you changed, including Status > Routing.
1) Interfaces > wan1
Check "enable DHCP client"
wan1 - wan1_ip - wan1net - wan1_gw
Advance Tab:
Check On - Automatically add a route for this interface using the given network.
Check Off - Automatically add a default route for this interface using the given default gateway.
Route metric = 100
Do the same for wan2
wan2 - wan2_ip - wan2net - wan2_gw
except for Route metric = 101
2) Intrefaces > Interface groups
Make group "wans" with wan1 and wan2
3) Rules > IP rules > lan_to_wan1
Change in all rules destination interface from wan1 to wans
4) Routing > Routing tables > main
Add routes (keep "local IP address" blank and enable host monitoring with DNS servers or some external stable host)
Monitor for Route Failover Tab:
Check On - Monitor
Host Monitor
Check On - Enable Host Monitoring.
wan1 all-nets wan1_gw none 100
wan2 all-nets wan2_gw none 101
Host Monitor Tab: no configuration
5) Routing > Route load balancind > Instances
Add new instance on table "main" with algorithm "destination"
Network:
isp1: modem - dsa-3100 private lan - wan1
isp2: modem - wan2
Routing table contents (max 100 entries)
Flags Network Interface Gateway Local IP Metric
192.168.2.0/24 wan1 100
172.17.100.0/24 dmz 100
192.168.0.0/24 lan 100
112.202.0.0/17 wan2 101
M 0.0.0.0/0 wan1 192.168.2.1 100
M 0.0.0.0/0 wan2 112.202.0.1 101
Routing table:
main
# Type Interface Network Gateway Local IP address Metric Monitor this route Comments
1 Route wan1 all-nets wan1_gw 100 Yes
2 Route wan2 all-nets wan2_gw 101 Yes
3 Route wan1 wan1net 100 No
4 Route wan2 wan2net 101 No
5 Route dmz dmznet 100 No
6 Route lan lannet 100 No
-
Your mistakes
1) For wan2 set route metric same with wan1 (100)
4) In "Host monitoring" tab add some servers, ex. Google DNS (8.8.8.8 and 8.8.4.4)
Change wan2's default route to metric 100
Also, i think you need to make processing of external requests thru separated routing tables
1) Routing > Routing tables
Add routing table "alt_wan1" with ordering = only
Add into this table route all-nets wan1 wan1_gw 100
Do the same for wan2 (alt_wan2)
2) Routing > Routing rules
Add rules
wan1/all-nets any/all-nets, forward main, return alt_wan1
wan2/all-nets any/all-nets, forward main, return alt_wan2
-
Your mistakes
1) For wan2 set route metric same with wan1 (100)
4) In "Host monitoring" tab add some servers, ex. Google DNS (8.8.8.8 and 8.8.4.4)
Change wan2's default route to metric 100
Also, i think you need to make processing of external requests thru separated routing tables
1) Routing > Routing tables
Add routing table "alt_wan1" with ordering = only
Add into this table route all-nets wan1 wan1_gw 100
Do the same for wan2 (alt_wan2)
2) Routing > Routing rules
Add rules
wan1/all-nets any/all-nets, forward main, return alt_wan1
wan2/all-nets any/all-nets, forward main, return alt_wan2
still I have no luck with this configuration...
The above configuration I made is also for fail over and load balancing?
-
Plz show Status > Routes now