I have a customer which recently did not have any connection to the internet. After diagnosing the issue I noticed that the firewall had 2 WAN connections, one via a fixed line and another via a cellular connection.
For some reason, the firewall had decided to route all traffic via the cellular connection instead of the fixed line. After further investigation I noticed that both WAN ports were configured and active, but no policy's or routes were configured to use these as a fail-over or route specific traffic over both WAN's.
Because of this, the data limit was reached and the Cellular provider blocked the internet traffic over this connection to prevent extra costs to the subscription. After pulling this connection out of the device, all traffic went over the fixed line and it was solved.
Our customer has a Zyxel USG60 which is in bridged mode to the router/modem. All configuration is done on the Zyxel Firewall.
I was unable to find this online, my question is how does a Firewall, or router, determine which WAN port to use if it has multiple WAN ports but no config on which to use specifically?
No comments:
Post a Comment