With only 1 WAN connection to the internet, everything works fine including a web server behind the firewall. We are using NAT.
When I add a second WAN connection to a different ISP and add a second default route for that interface, traffic to the web server from outside no longer works. Both static routes have the same distance and priority.
I don't understand what is going wrong or how to fix it. Does this occur because traffic comes in from one ISP and is going out to the other? Do I need to use a policy-based route?
I've watched the videos on redundant internet connections, but am not currently interested in load balancing. The original WAN connection is slower, so I may someday want to set up a WAN status check and failover.
Thanks
Hi Bill,
It does seem to me that you're onto the issue in your 3rd paragraph. You should be able to confirm this with a trace (search for how to do a debug flow). Do you have your own public IPs or do you get them from your ISP(s)? And where does the DNS for the web server point? Is it just your public IP on WAN1?
If you want to take this offline I would be happy to provide paid help via remote session, or if you have Fortinet support they would probably assist you on this as well.
Thanks - Daniel
detectivedanham@gmail.com