Trouble with load balance setting up two sites firewall with private lines



  • I'm having trouble with load balance, setting up two sites' firewalls with private lines.
    This is my basic setup, which I'm using for testing:

    Site 1                              Private fiber and T1 line                          Site 2

    -----OPT1=10.0.0.1------10.0.0.2=OPT1-------
    192.168.0.1/24=LAN-----         ----LAN=192.168.1.1
                                ------OPT2=10.0.1.1-----10.0.1.1=OPT2-------

    Site 1
    Interfaces
    LAN  = 192.168.0.1/24 gw default
    Opt1 = 10.0.0.1/24 gw 10.0.0.2
    opt2 = 10.0.1.1/24 gw 10.0.1.2

    Load balance
    Balancer 10.0.0.2 10.0.0.2
            10.0.1.2 10.0.1.2

    Firewall Rule
    LAN  = * LAN * 192.168.1.0/24 * Balancer
    OPt1 = * * * * *
    OPt2 = * * * * *

    Site 2 
    Interfaces
    LAN  = 192.168.1.1/24 gw default
    Opt1 = 10.0.0.2/24 gw 10.0.0.1
    opt2 = 10.0.1.2/24 gw 10.0.1.1

    Load balance
    Balancer 10.0.0.1 10.0.0.1
            10.0.1.1 10.0.1.1

    Firewall Rule
    LAN  = * LAN * 192.168.0.0/24 * Balancer
    OPt1 = * * * * *
    OPt2 = * * * * *

    • I'm not using any NAT settings.
      -When it starts I can ping both sides.
      -If I remove the first link it isn't switching to the other one.
      -The status Load balance monitor IP shows the status of the links correctly, when up or down.
      -Looks like the LAN rule (balance) stays on the first route.

    Any help will be appreciated,

    Thanks in advance



  • Gotcha!!
    For some reason, if it doesn't use the WAN port, the loadbalance/failover function is just ignored.
    I was leaving the WAN to configure later, because my main concern was about the traffic between the firewalls, not the internet. So, that was my error in the first place.
    I will try to post a tutorial when I have my setup working properly. Btw, I realise you guys are using "wink" to make tutorials; it is very easy to use, free and makes great tutorials.

    Anyways, thanks.



  • @Sidv:

    Gotcha!!
    For some reason, if it doesn't use the WAN port, the loadbalance/failover function is just ignored.
    I was leaving the WAN to configure later, because my main concern was about the traffic between the firewalls, not the internet. So, that was my error in the first place.
    I will try to post a tutorial when I have my setup working properly. Btw, I recommend you guys use "wink" to make tutorials; it is very easy, free and you make great tutorials.

    Anyways, thanks.

    We already use wink!?!  Look in the tutorials section.



  • It was just a positive comment. After a long time dealing with this problem, I probably don't make much sense anymore  ;D

