Solved: sk105239 article not working when ISP redundancy c...

Ankur_Datta · ‎2018-10-15

Hi All,

In my organization setup, I have 2 firewalls in cluster in active/standby mode and ISP redundancy configured in load sharing mode (50-50 ratio). The version firewall is running is R80.20.

There is only one default route configured on firewall pointing to ISP-1. I can see failover mechanism is working fine when ISP-1 goes down. checkpoint firewall removes default route pointing towards ISP1 and place default route pointing to ISP2.

But traffic is not traversing through ISP2 link. Traffic traverse through ISP-1 only even if i applied sk105239.

Any suggestions please?

Thanks

Ankur_Datta · ‎2018-10-16

Hi Gunther,

Just wanted to know for sk25152 : this is valid for active connections. I mean to say if i am accessing any server and primary link goes down will then traffic will nat to backup isp public link and traverse through backup link or i need to re-intiate the connection to server?

Thanks

View solution in original post

G_W_Albrecht · ‎2018-10-15

Looks like the mechanism explained in sk42636 Controlling connections configured with ISP Redundancy in Load Sharing mod. Other relevant SKs include sk25152 Static NAT fails for outgoing connections through gateway with ISP Redundancy in Load Sharin... sk61692 Troubleshooting ISP Redundancy, sk23630 Advanced configuration options for ISP Redundancy and of course sk32225 Configuring ISP Redundancy so that certain traffic uses specific ISP Link

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist

Ankur_Datta · ‎2018-10-16

Hi Gunther,

Just wanted to know for sk25152 : this is valid for active connections. I mean to say if i am accessing any server and primary link goes down will then traffic will nat to backup isp public link and traverse through backup link or i need to re-intiate the connection to server?

Thanks

Are you a member of CheckMates?

sk105239 article not working when ISP redundancy configured in load sharing mode.