Skip to main content
Supi
Supi
New Member
September 29, 2013
Question

Changing WAN interface

  • September 29, 2013
  • 3 replies
  • 8327 views
Hi, we have an ISP change going and we have to change the default route to the internet. This means that the interface and the firewall wan ip is going to change. How does the ssl.root interface react to the change. I have tried to find the answer on the documentation, but have not found out. The scenario is like this: - wan1 interface has ip 1.1.1.1 and the ssl vpn users connect to that - wan2 is the new interface and has ip 2.2.2.2 - when I change the default route to 2.2.2.2, does the SSL VPN change at the same time?

    3 replies

    Fullmoon
    Fullmoon
    New Member
    September 30, 2013
    based on your example your wan1 has 1.1.1.1 ip address and your ssl vpn users connected via 1.1.1.1, however you changed your wan1 ip address to 2.2.2.2 which means ssl vpn users must use 2.2.2.2 ip address in order to perform ssl vpn connection. you must change also the default route (static route), apply the default route of 2.2.2.2
    Supi
    SupiAuthor
    New Member
    September 30, 2013
    Hi, no, we have not yet changed the default route, but I needed to know if the default route will also change the ssl.root interface from wan1 to wan2 (wan1, 1.1.1.1 and wan2 2.2.2.2). Default route is still 1.1.1.1/0.0.0.0 and the vpn users connect to 1.1.1.1. When I change the default route to 2.2.2.2/0.0.0.0, will the users ssl vpn connection ip change at the same time? Also, do I need to remake rules, or does the unit take care of ssl.root -policies?
    rwpatterson
    rwpatterson
    New Member
    September 30, 2013
    You will need to duplicate every policy that includes WAN1. You best bet would be to make a backup, and copy out all the WAN1 policies, then batch change with a text editor and paste back into your config.
    Supi
    SupiAuthor
    New Member
    October 1, 2013
    Yes, the duplication completed. There was about 50 rules on the wan1 interface. I did it with the GUI. Just cloned the rule and changed the interface. Also, I tested the SSL VPN by routing one internet IP to wan2. It worked perfectly, so I don´t see any reason why it wouldn´t work when I route all of the traffic trought the wan2 interface.
    Terms & ConditionsAccessibility statement