WAN active-active configuration not working

Hello Experts,

 

I have 2 WAN lines configured active-active with weight = 1 for both. Line_1 = 30 MBPS and Line_2 = 10 MBPS. The problem is that when Line_1 goes down, Line_2 is not coming up.

We lose internet, but strangely ping works to Google. I can browse Google and search, but when I click on any search result it doesn't work, nor does it work when I try to browse any site or Outlook.

It works only when I change my local machine DNS to 8.8.8.8.

My DNS settings are 2 global DNS and the 3rd is the ISP DNS.

 

SOPHOS support says it's a problem with the internal DNS (LOCAL LAN). But I am wondering how it works with Line_1 with the same settings in the internal DNS?

 

Please help, Thanks



This thread was automatically locked due to age.
  • Hello Shrikant,

    While you are dealing with multiple WAN connections, it is always advisable to have a DNS server pointing to your AD server or Sophos XG.

    Reason: The system will always try using the primary server host address, and if that fails it fails. If you are using Sophos XG, then you may add up to 3 DNS servers. I would recommend the first 2 from both your ISP (DNS1 > WAN1, DNS2 > WAN2) and keeping the third, DNS3 > Public 8.8.8.8. Under DHCP settings, make sure that the SOPHOS XG LAN IP is set as the primary DNS server for your client machines.

    If you have an AD server, you may configure additional DNS forwarders while keeping some of them in Public DNS as well.

  • Hello Aditya,

    Thanks for the comments. But I am not sure if I completely understand what you said (just updated from UTM to XG).

    So let me be more clear on my infra

    Firewall IP = X.X.X.101

    Local DNS and AD are on same server = X.X.X.122

    Both WAN are from same ISP so same ISP DNS = 103.8.45.5

    In Firewall 3 DNS configured as 

     

    All LAN clients/user machines have DNS as X.X.X.122

     

    Do you suggest to put

    DNS 1=ISP DNS

    then DNS 2 and DNS 3 = Global?

     

    Please suggest if any additional parameters we need to check in Firewall or on DNS/AD server?

     

    Thanks
