Skip to main content
lutfucan
lutfucan
New Member
September 9, 2020
Solved

Adding a new WAN Interface

  • September 9, 2020
  • 1 reply
  • 17405 views

I had 3 WAN connection (ADSL modems) providing internet access to my company. I brought 4th connection which has a fiber metro connection by the switch and connected to my 4th port.

1 - First set the new interface (named as metro_port). I selected role as WAN, Addressing mode as manual and IP/Netmask as ISP provided.

2 - At Second step i defined Static Route. I gave destination to 0.0.0.0/0.0.0.0, interface as set up in the first step(metro_port) and gateway as ISP provided.

3 - At third step i have insterted a new Policy Route in order to set my computer go out to internet over metro_port.

4 - I set up a new Firewall Policy, incoming as Lan, Outgoing as metro_port, source as my computer's IP address. Selected NAT enabled. To maximize priority of this policy i dragged it to the first in list.

 

Now unless unplugging or disabling my old WAN connections (ADLS modem connections), i cannot use new WAN connection to use internet access. I checked log tables, it doesn' even use to this policy.

 

What am i doing wrong?

    Best answer by lobstercreed

    Sorry, I was a little out of my depth here.  I don't understand how you can have the 212.xxx.xxx.217 address on 3 different interfaces.  It looks like it should be 88.xxx.xxx.35, 36, or 209 for each different interface.  However, Googling this a bit it sounds like this is a common practice with PPPoE (which I have 0 experience with)...

     

    This link may help you.  It's a similar setup to yours I think:  https://kb.fortinet.com/kb/documentLink.do?externalID=FD32573

     

    The key as I mentioned originally was that the distance has to be the same between the routes, so you'll need to set a distance of 5 for your new fiber default route.  By default it was 10 (as observed in the screenshot earlier). 

     

    This would also explain why nothing changed when you added the other static routes in that screenshot.  They were all using a distance of 10 whereas these dynamic gateways you're getting from PPPoE use a distance of 5 and would exclude the ones with 10 from entering the routing table.

    1 reply

    lobstercreed
    lobstercreed
    New Member
    September 9, 2020

    Check your routing table (get router info routing-table all) to see if the new static route is even in the table. 

     

    In order to use multiple default routes the distance has to be the same (though the priority can be different to determine the path used without policy routing).

    lutfucan
    lutfucanAuthor
    New Member
    September 9, 2020

    I can see new static route fom routing table, ist says :

     

    176.xxx.xxx.xxx/30 is directly connected

     

    But i am not using multiple static route, i defined just one static route for this new gateway.

    lobstercreed
    lobstercreed
    New Member
    September 9, 2020

    What kind of default routes are your other WAN connections using then, if not static?  That would be the problem most likely.  ECMP does not work across different types as far as I know, so you'll need to make sure all the routes are the same type and distance to be able to route across different WAN connections simultaneously.

    Terms & ConditionsAccessibility statement