Failover WAN not failing over

Hi M8ey

Try to keep the WAN link load balance in the Firewall rule and see if that works. It's interesting that traffic does not pass through the Port8 when Port3 is down. Have you created any additional static routes or advanced firewall rules in the backend?

Jaydeep said:

WAN link load balance in the Firewall rule and see if that works.

Hey Jaydeep - yes we tried that as well. Sophos support even created a rule and tried all they could.

I strongly believe its an issue with two PPPoE connections and how the XG handles a change such as failover. This XG used to have a Static and a PPPoE and it has failed over fine.

A few updates and a change to WAN and no failover.

Another Level 2 session booked for Monday night

I still think we have different issues.

My Failover PPPoE is connected and incoming connectivity is available  i.e the RED reconnects to the backup fine.

My issue is more from LAN - WAN - no traffic passes and I get a VIOLATION error. The FW rules that are required are correct but it wont pass traffic like the NAT is broken

That describes my issue exactly.

Ian

Then as we wrap up tonight I will disable then reenable the backup pppoe and see if it connects

Just to add a little more fuel to the fire it is an IP4 issue, the IPv6 interface comes up correctly looking at the email messages.

Ian

Another 3 hours in a Comms room failing over for sophos to take log files.

No update as yet except its still broken.

I did try editing the PPPoE interface but no change. Maybe it fixes yours as you are DHCP where I am Static.

Sad that doesn't work for your setup. It fixed mine when I had PPPoE, DHCP and static as well as DHCP FTTC.

Also doesn't happen not e UTM, just XG.

Ian

Hi,

this morning being a little brave decided to see if I could emulate your issue, so I set my UTM to be a pretend ISP. he interfaces were all set to static IPs.

All my tests passed.

Tests were

running speediest.net application

1/. disable the interface on the UTM - successful failover

2/. disable the alternate interface and enable the main interface - successful fail over

3/. disable MASQ on UTM so link looks like it is up but fails wan link failover test - successful failover

4/. disable alternate MASQ on UTM - successful failover

Though one application speediest.net (application not web site) now refuses to connect regardless of interface being used.

Ian

Just reviewed the firewall rule for the speediest.net application to find out why it worked and found I had left the default WAN load balancing setting in place.

Hmmm I am not sure why mine doesn't failover.

Has to be some combination of my two PPPoE or ISP upsetting the XG.

Its from the LAN side being blocked so definitely the XG.....

Hi M8ey.

did this ever work?

Using 8.4.4.4 as a ping test has quite significant delay from my network over 100ms whereas 1.1.1.1 is under 10ms.

I seem to remember sometime way back is XG first launch something about two PPPoE connections not working correctly, but cannot remember any specifics.

Of course my testing was all done using ethernet connections not PPPoE.

Ian

rfcat_vk said:

did this ever work?

Sure did - back when it worked my Primary was Static and the failover was PPPoE.

rfcat_vk said:

did this ever work?

Sure did - back when it worked my Primary was Static and the failover was PPPoE.