D-Link Forums

The Graveyard - Products No Longer Supported => D-Link NetDefend Firewalls => Topic started by: thmshllwg on May 21, 2012, 06:03:00 AM

Title: 2 wan 2 ISPs and webservers in the lan
Post by: thmshllwg on May 21, 2012, 06:03:00 AM
Hi,
We are trying to configure the following setup on our DFL 800:
2 WANs from 2 different ISPs (we're switching ISP)
3 webservers with different IPs connected for hosting, with internal LAN IPs

Right now we have wan 1 functioning with our old ISP. We tried to duplicate the configuration for wan 2.
This is not working, although the wan 1 connection is still OK.

Packets for wan 2 are dropped like this:
Warning RULE,  6000051, Default_Access_Rule, TCP, wan2, xx.115.40.yy, xx.14.225.yy, 32968, 80 , ruleset_drop_packet, drop

Any suggestions?
Thank you very much
Title: Re: 2 wan 2 ISPs and webservers in the lan
Post by: chechito on May 22, 2012, 06:39:23 AM
PBR (policy-based routing) is the solution.

You have to create 2 routing tables:

1. For inbound connections from wan1, with a route to all nets, interface=wan1, gateway=wan1_gw

2. For inbound connections from wan2, with a route to all nets, interface=wan2, gateway=wan2_gw


Create 2 routing rules:

1. For inbound connections from interface wan1 to the wan1 IP: forwarding with the main routing table and returning with the inb_wan1 routing table

2. For inbound connections from interface wan2 to the wan2 IP: forwarding with the main routing table and returning with the inb_wan2 routing table

Create the corresponding SAT and Allow rules and it's done.
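
The routing-table selection described in the post above, as an added example that is not part of the thread and is not NetDefendOS code. It is a simplified Python model showing why a connection arriving on wan2 is dropped when only the main table exists, and how the per-interface return tables change the result. The names `TABLES`, `PBR_RULES`, `lookup` and `inbound`, the sample addresses, and the rule that the source check is a reverse lookup in the return table are assumptions of the model.

```python
import ipaddress

# Constructed sample routes: (network, interface, gateway). Table and gateway
# names follow the post; the addresses are made up for this example.
TABLES = {
    "main":     [("0.0.0.0/0", "wan1", "wan1_gw"), ("192.168.1.0/24", "lan", None)],
    "inb_wan1": [("0.0.0.0/0", "wan1", "wan1_gw")],
    "inb_wan2": [("0.0.0.0/0", "wan2", "wan2_gw")],
}
# Routing rules from the post: receiving interface -> (forward table, return table).
PBR_RULES = {"wan1": ("main", "inb_wan1"), "wan2": ("main", "inb_wan2")}

def lookup(table, ip):
    """Longest-prefix match in one table; returns (interface, gateway) or None."""
    addr = ipaddress.ip_address(ip)
    hits = [(ipaddress.ip_network(net), iface, gw)
            for net, iface, gw in TABLES[table]
            if addr in ipaddress.ip_network(net)]
    if not hits:
        return None
    _, iface, gw = max(hits, key=lambda h: h[0].prefixlen)
    return iface, gw

def inbound(in_iface, src_ip, server_ip, rules):
    """Model one new inbound connection; server_ip is the address after SAT."""
    fwd, ret = rules.get(in_iface, ("main", "main"))
    # Assumption: the source check is a reverse lookup in the return table, and
    # the route back to the client must leave through the receiving interface.
    back = lookup(ret, src_ip)
    if back is None or back[0] != in_iface:
        return {"action": "drop", "reason": "Default_Access_Rule"}
    out = lookup(fwd, server_ip)
    if out is None:
        return {"action": "drop", "reason": "no route to server"}
    return {"action": "allow", "forward_via": out[0],
            "reply_via": back[0], "reply_gw": back[1]}

if __name__ == "__main__":
    client, server = "203.0.113.7", "192.168.1.10"   # constructed addresses
    for label, rules in (("main table only", {}), ("with routing rules", PBR_RULES)):
        for iface in ("wan1", "wan2"):
            print(label, iface, inbound(iface, client, server, rules))
```
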
Title: Re: 2 wan 2 ISPs and webservers in the lan
Post by: thasteve on June 15, 2012, 01:03:51 AM
Can you give an example of the corresponding SAT and Allow rule?
Title: Re: 2 wan 2 ISPs and webservers in the lan
Post by: chechito on June 17, 2012, 09:56:44 AM
The SAT and Allow rules are the least complicated thing in this scenario.

I suggest you RTFM to avoid problems implementing this scenario.
Title: Re: 2 wan 2 ISPs and webservers in the lan
Post by: thasteve on June 17, 2012, 11:43:56 PM
NM, I figured I had set the wrong interface on the routing rule.