Skip to main content
A
Anonymous_User
Contributor
April 17, 2010
Question

Duplicate static route entries causing dual WAN problems

  • April 17, 2010
  • 4 replies
  • 6686 views
FortiGate 80C with v4.0,build0196,100319 (MR1 Patch 4) installed. I have configured dual WAN PPPoE following various instructions and posts on these forums (took a while to get it right) and it has been working ok. However every now and then I find that traffic is not flowing through the preferred connection. When this happens I notice in the Web UI that there are duplicate static entries for one of the PPPoE connections. e.g. Static 0.0.0.0/0 5 0 150.101.a.b ppp0 Static 0.0.0.0/0 5 0 203.55.x.y ppp1 Static 0.0.0.0/0 5 0 203.55.x.y ppp1 Sometimes rebooting the router clears this but not always, and I don' t want to have to check this and to reboot the router all the time. I have tried swapping modems, but this doesn' t seem to make any difference. I really like this router (and to sell them) but I am finding the dual WAN side of this device difficult to configure correctly and unreliable when you do configure it. Can anyone offer any suggestions why this is happened and what to do? These are the settings I have set to make dual WAN PPPoE work (Dopes it matter which number is which?). config router static edit 2 set device " wan1" set distance 5 set dynamic-gateway enable set priority 10 set weight 35 next end config router static edit 1 set device " wan2" set distance 5 set dynamic-gateway enable set priority 20 set weight 35 next end NB: I also have problems with YouTube and previewing iTunes songs from iPhones and iPod Touches when going through the preferred Internet connection, but not the secondary but that may be an ISP Issue so just mentioned just in case it triggers a thought from someone.

    4 replies

    A
    Anonymous_UserAuthor
    Contributor
    April 17, 2010
    This was meant to go into the Routing subforum, not sure how it ended up in Firewall... can it be moved?
    abelio
    SuperUser
    abelio
    SuperUser
    April 17, 2010
    ORIGINAL: Meppy This was meant to go into the Routing subforum, not sure how it ended up in Firewall... can it be moved?
    i guess not; but you can delete your own post and repost it in an appropiate forum
    abelio
    SuperUser
    abelio
    SuperUser
    April 17, 2010
    If your both interfaces are defined as pppoe, define the ' priority' parameter within the interface configuration itself. config system interface edit wanX set prioritu <value next end
    A
    Anonymous_UserAuthor
    Contributor
    April 17, 2010
    Thanks I will try that, it seems I need to write a basic how to article on setting up dual WAN PPPoE properly as the information seems to be spread around and I am still unclear on the effects and consequences of each setting. I am not sure changing a priority will fix this? The whole duplicate route entries seems like a bug or misconfiguration somewhere to me.
    A
    Anonymous_UserAuthor
    Contributor
    April 18, 2010
    Well the duplicate route has re-appeared but the connections are still using the perferred route, but that is because the secondary route with the duplicate entries is not working. I obviously need to raise a support request with FortiNet about this. Also there was no option for me to delete my original post.
    abelio
    SuperUser
    abelio
    SuperUser
    April 18, 2010
    ORIGINAL: Meppy Well the duplicate route has re-appeared but the connections are still using the perferred route, but that is because the secondary route with the duplicate entries is not working.
    Why did you define those 2 static routes ? Generally, if you check ' Retrieve default gateway from server' box, you' ll obtain both correct default routes for your PPPoE; if you' re under doublewan scenario, be sure that ' Distance' box has the same value for both. For priority setting, see my above post
    Also there was no option for me to delete my original post.
    if you' re logged in the forum with your account, you could delete your own posts using the ' x' icon up right.
    A
    Anonymous_UserAuthor
    Contributor
    April 19, 2010
    I defined those because ECMP wasn' t originally working properly and after asking questions and searching and reading KBs and other posts (http://support.fortinet.com/forum/tm.asp?m=49665&p=1&tmode=1&smode=1). I need it to work so that it uses one connection by default unless I have specific rules that direct traffic to one or other of the connections, but to also handle things when one of the connections fails. There does not seem to be any clear consensus or official instructions on how to set this up when using PPPoE so that it works properly. My problem of it randomly creating a duplicate static entry either means I am doing something wrong or there is a bug (or both). There is no red cross next to the original post, maybe once it is replied to I am stuck.
    abelio
    SuperUser
    abelio
    SuperUser
    April 19, 2010
    I need it to work so that it uses one connection by default unless I have specific rules that direct traffic to one or other of the connections, but to also handle things when one of the connections fails.
    Re-try first with the simpler approach: - define your both pppoe with the same distance value (don' t use default value 1) in the interface' s itself ' distance' box - check ' Retrieve default gateway from server' box in both. - don' t add more static routes at all - go to the CLI and write: ' get router info routing-table details' Can you see 2 lines near " S*" via wan1 AND wan2? If so, it' s done, you' ve ecmp working if that' s really you want. If don' t, re-check distances or another setting is making noise. regards,
    Terms & ConditionsAccessibility statement