Destination NAT is not working when PBF for dual ISP is enabled




Hi All,

I followed the guide at this URL to set up the Dual ISP for outbound access.

https://www.paloaltonetworks.com/documentation/71/pan-os/pan-os/policy/use-case-pbf-for-outbound-acc...

I have set the http/https services to use ISP 2 and other traffic to use ISP 1. It is working fine and the redundancy is also working fine.

However, I have 2 web services that are hosted using ISP 1. I have set up the destination NAT and the required policy, but it is not working when both ISP links are up. If I disconnect ISP 2, the destination NAT is working fine.

I also tried to set up the PBF rule for Symmetric Return using ISP 1, following this guide.

https://live.paloaltonetworks.com/t5/Configuration-Articles/How-to-Configure-Symmetric-Return/ta-p/5...

The log details when Dual ISP + Symmetric Return PBF is defined: it just shows incomplete and aged-out. From the client's Wireshark capture, it keeps resending the TCP transmission.

[Screenshot: hosting not ok when isp 1 up OK.png]

The result when the PBF for Symmetric Return is disabled and ISP 2 is disconnected:

[Screenshot: hosting ok when isp 1 down OK.png]

Is there anything else I need to do in order to allow dual ISP and destination NAT to work? I would appreciate it if someone could give me a hint on this.

2 REPLIES


I think you will need to modify your PBF filter rule for the web server to work. What might be happening is the http/https traffic from the server in reply to the inbound dNAT is being picked up and sent to ISP 2.

Add to that filter a negated IP address source for the internal address of your web server so that it is not covered by the forwarding filter.


Steve Puluka BSEET - IP Architect - DQE Communications (Metro Ethernet/ISP)
ACE PanOS 6; ACE PanOS 7; ASE 3.0; PSE 7.0 Foundations & Associate in Platform; Cyber Security; Data Center

I figured out the problem.

When I added the PBR for this destination NAT, I did not specify the next hop. The interface and server VLAN are different. That's why.
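As an added illustration (not from the original thread or from the Palo Alto guides linked above), here is how the two fixes discussed in the replies would look as PAN-OS `set` commands: the outbound HTTP/HTTPS PBF rule with the web server's internal address negated, and the inbound symmetric-return rule with its egress next hop filled in. Zone names, interface names, addresses and rule names are assumptions; the command syntax is recalled from the PAN-OS 7.x set CLI and should be confirmed with `?` completion before committing.

```text
# Assumed topology (constructed values, not the poster's real ones):
#   ethernet1/1 = ISP 1 (zone Untrust-ISP1), ISP gateway 198.51.100.1
#   ethernet1/2 = ISP 2 (zone Untrust-ISP2), ISP gateway 203.0.113.1
#   ethernet1/3 = LAN   (zone Trust), internal router 10.0.0.1
#   Web server  = 10.0.10.20, on a VLAN behind the internal router,
#                 published on ISP 1 as 198.51.100.10 via destination NAT

# 1) Outbound PBF: HTTP/HTTPS from the LAN leaves via ISP 2.
#    The source is the web server's address with negate-source set, so
#    everything on the LAN except the web server matches; the server's
#    own traffic falls through to the routing table (default via ISP 1).
set rulebase pbf rules PBF-HTTP-ISP2 from zone Trust
set rulebase pbf rules PBF-HTTP-ISP2 source 10.0.10.20
set rulebase pbf rules PBF-HTTP-ISP2 negate-source yes
set rulebase pbf rules PBF-HTTP-ISP2 destination any
set rulebase pbf rules PBF-HTTP-ISP2 application any
set rulebase pbf rules PBF-HTTP-ISP2 service [ service-http service-https ]
set rulebase pbf rules PBF-HTTP-ISP2 action forward egress-interface ethernet1/2
set rulebase pbf rules PBF-HTTP-ISP2 action forward nexthop ip-address 203.0.113.1
set rulebase pbf rules PBF-HTTP-ISP2 action forward monitor profile default
set rulebase pbf rules PBF-HTTP-ISP2 action forward monitor disable-if-unreachable yes

# 2) Symmetric return for inbound sessions arriving on ISP 1 for the
#    destination-NATed server (PBF matches the pre-NAT public address).
#    The egress next hop (internal router) is needed because the server
#    VLAN is not directly connected to ethernet1/3; without it the
#    forward cannot be resolved and the session shows incomplete/aged-out.
set rulebase pbf rules PBF-SymReturn-ISP1 from zone Untrust-ISP1
set rulebase pbf rules PBF-SymReturn-ISP1 source any
set rulebase pbf rules PBF-SymReturn-ISP1 destination 198.51.100.10
set rulebase pbf rules PBF-SymReturn-ISP1 application any
set rulebase pbf rules PBF-SymReturn-ISP1 service any
set rulebase pbf rules PBF-SymReturn-ISP1 action forward egress-interface ethernet1/3
set rulebase pbf rules PBF-SymReturn-ISP1 action forward nexthop ip-address 10.0.0.1
set rulebase pbf rules PBF-SymReturn-ISP1 enforce-symmetric-return enabled yes
set rulebase pbf rules PBF-SymReturn-ISP1 enforce-symmetric-return nexthop-address-list 198.51.100.1
```

The destination NAT rule and the Security policy allowing the inbound web traffic are assumed to exist already; after committing, a Traffic log entry for the server session should show ethernet1/3 as the egress interface rather than aged-out.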
