Providing a service from both WAN adresses (i.e., either addr. reaches the svr)
Voami last edited by
I'm failing to get a dual-WAN setup to allow a service to be reached from both WANs. I shall explain:
-2 static IP WAN links from different providers
-2 Services to provide externally
-Make both services externally addressable from both providers, so that
+ Traffic that comes in on WAN interface port-forwards to the internal server, and is correctly routed back out WAN1
+ Traffic that comes in on WAN2 interface port-forwards to the internal server, and is correctly routed back out WAN2
Set up proxy arp Virtual IPs for each service on their respective WAN interfaces
For each service:
-Configured WAN FW rule
TCP * * Internal Server Private IP SvcPort *
-Configured WAN2 FW Rule
TCP * * Internal Server Private IP SvcPort WAN2 Gateway IP
-Configured Port Forwarding Rules
WAN TCP ExtSvcPort Internal Server Private IP SvcPort
WAN2 TCP ExtSvcPort Internal Server Private IP SvcPort
-Services are reachable on WAN if but not on WAN2
-Traffic bound for the WAN2 address of the services does not connect to the service it is bound for
-Both links are demonstrably up; i am using policy routing to ping WAN2's external address from behind WAN (although the reverse doesn't work)
Validation of my methods or advice on how to correct them, before I start breaking out span ports and sniffers.
I'll add more data here when I have it. Your kind advices welcomed.
hoba last edited by
Switch your WAN2 firewallrule to gateway default (you have WAN2 there). You only use dedicated gateway/loadbalancerpools in rules for outgoing traffic.