Default Route issues with MultiWan (2.0-RC3 32bit)
-
Hi all,
Looking for some help with this issue I have run into.
Current Setup is as follows +diagram
MultiWan with Carp
Core1 Net xx.xx.204.0/29 -> Carp Address xx.xx.204.4/29
Core2 Net xx.xx.204.8/29 -> Carp Address xx.xx.204.12/29NAT Lan
LAN Net 10.50.58.0/24 -> Carp Address 10.50.58.233/24
Client in LAN with gateway set to Carp AddressRouted Subnet DMZ
DMZ Net xx.xx.204.128/26 -> Carp Address xx.xx.204.129/26
Server in DMZ with gateway set to Carp AddressThe cloud is a multi router environment all talking OSPF to the Core Switches. The firewalls do not talk OSPF.
Now the Details….
Note: Changing the CARP master has no affect on the following.Condition, ALL OK
NAT traffic works
DMZ traffic both in and out works
Pings to all the public firewall interfaces work from a router in the cloud.Fail condition one (Core Switch 2 FAILED)
Note: static route xx.xx.204.129/26 -> xx.xx.204.12 on Core Switch 2 falls out of OSPF, cloud only sees route via Core Switch 1NAT traffic works
DMZ traffic in and out works
Pings to Carp Address xx.xx.204.4 work
Pings to firewall interfaces in the Core2 Net xx.xx.204.8/29 fail (Because its down)Fail condition two (Core Switch 1 FAILED)
Note: static route xx.xx.204.129/26 -> xx.xx.204.4 on Core Switch 1 falls out of OSPF, cloud only sees route via Core Switch 2NAT traffic works
Pings to firewall interfaces in the Core1 Net xx.xx.204.0/29 fail (Because its down)
DMZ traffic out works, traffic in from cloud fails.
Pings to firewall interfaces in the Core2 Net xx.xx.204.8/29 fail (See just below)When in this fail condition, if I manually force the default route on the firewalls to the Core 2 network, DMZ traffic and pings start working. (on a side note, the system cant check for its own updates when in this state)
How do I get the fail over system to modify the default route so that when Core Switch 1 goes down it sets the default route to the secondary Wan (Core2) connection. (and vice versa) ??? or am I missing something basic?
Also settings screenshots attached, let me know if you need any others.
Cheers
Josh