Skip to main content
sully35
sully35
New Member
May 13, 2011
Question

Routing between Metro-E and Cable

  • May 13, 2011
  • 2 replies
  • 2964 views
Greetings! We used to be located in the same building as our colo but have recently moved just down the street. In our new office we currently lease a Metro-E circuit from our colo and a backup cable connection. With the Metro we are basically an extension of our server equipment on the same LAN. I would like to be able to use our cable connection for primary Internet-bound traffic and keep the Metro strictly for access to our servers at the colo and Internet-bound backup. My thought is that I need to create a new subnet here at the office and setup appropriate routes on my 80C. It just doesn' t seem to want to work for me when I test. I have created firewall rules to allow traffic through both interfaces at each location. Below are some items of my configuration: Office - FGT80C Internal LAN - 192.168.5.0/24 WAN1 - Metro-E (10.10.0.1) WAN2 - Cable Colo - FGT110C Internal LAN - 192.168.0.0/24 WAN1 - Colo provided Internet WAN2 - Metro-E (10.10.1.1) Policy routes have been created to use the other devices Metro interface as the gateway. Does anyone have experience or might know what I am doing wrong? Thanks for any input you can provide.

    2 replies

    A
    Anonymous_User
    Contributor
    May 22, 2011
    Hi Sully, I' m not 100% clear on your physical topology, but I find that Policy Routing only works when the Static Routes for each destination have exactly the same Distance. However, if I have understood your scenario correctly, I don' t think you need to be using Policy Routing at all... On your 80C you need: a Static Route with Destination 0.0.0.0 /0 on WAN 2, with a Distance of 10 a Static Route with Destination 10.10.1.0 /24 on WAN 1, with a Distance of 5 (ie. the Metro destination has a lower distance / higher priority than the internet) On your 110C you need: a Static Route with Destination 0.0.0.0 /0 on WAN 1, Distance 10 a Static Route with Destination 10.10.0.0 /24 on WAN 2, Distance 5 No Policy Routing at all, those Static Routes will send everything between the Metro sites through WAN2, and everything else through WAN 1. Hope that helps. Matt
    ede_pfau
    SuperUser
    ede_pfau
    SuperUser
    May 23, 2011
    a Static Route with Destination 10.10.0.0 /24 on WAN 2, Distance 5
    If you try to enter this route you' ll find that it already exists: the Metro link is directly connected and thus not routed. Just leave it out. The suggested routes on the Office FGT will not provide for redundant internet access. You need 2 DEFAULT routes for that. One will point to the Cable port interface (WAN2) and the other to the Colo interface (WAN1). Lower distance on the route to WAN2 to give it priority. On the Colo side you can do the same to obtain internet access redundancy - but that was not your primary intention. Leading the internet reply traffic back to the Office does not demand a route, both (locally distant) subnets are ONE and hosts will be found by ARPing. You don' t need policy routing here at all, not even for piping traffic to the servers through the Metro link. That' s because of the same point - you' re not routing at all between locations. Otherwise, yes, you would have needed a policy route.
    Terms & ConditionsAccessibility statement