Menu

Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Sign In Register

Using 2 ISPs - each for a specific vlan but still enabling failover TZ670

boeboe Newbie ✭
edited October 2022 in Entry Level Firewalls

Hello,

I typically have all the VLANs on each lan port - e.g. x0 will have vlan 10, 20, 30, 40 and 50.

I have ATT on X1

I have Spectrum on x2

My vlan 10 is for wired data, vlan 30 is for private wifi and VLAN 40 is for guest wifi

I want to have VLAN 10 and 30 on ATT

I want to have vlan 40 on Spectrum


I"d also like to make it so if ATT or Spectrum stop responding on the LB pings, all traffic is routed on 10, 30 and 40 to the functional ISP.

Category: Entry Level Firewalls
Reply

Best Answer

  • CORRECT ANSWER
    BWCBWC Cybersecurity Overlord ✭✭✭
    Answer ✓

    @boe Failover & Load Balancing isn't flexible enough for that job, but it can be done with Policy Based Routing (PBR).

    Just create a two Route Policies looking like this:

    Source: VLAN 10 + 30 Subnet
Destination: Any
Gateway: X1 Default Gateway
Interface: X1
Metric 1


Source: VLAN 40 Subnet
Destination: Any
Gateway: X2 Default Gateway
Interface: X2
Metric 1

    It'll automatically falls back to the Default Routing if the WAN Interface is not up, maybe you need to put a probe on each Route for logical Interface Monitoring.

    --Michael@BWC

Answers

  • boeboe Newbie ✭

    Thanks - I'll test that out when I we get the second ISP - I appreciate it!

  • boeboe Newbie ✭

    Sorry - I forgot to update this - worked like a charm! Thanks so very much!!

Sign In or Register to comment.