XGS 18.5.1-326 SD WAN rule changing gateway takes a lot of time to be activated

We have an issue with SD WAN routing rules.

We have two routing-based IPsec connections.

One SD WAN rule routes certain traffic through the first tunnel. No secondary/failover gateway through the second tunnel is configured.

If we manually change the gateway in the SD WAN rule to the second tunnel and apply it, no change happens.

The traffic is still routed through the old gateway although only the new gateway is configured in the rule.

After about 30 minutes we set a static route for one of the networks through the second gateway. Only after that did the traffic for all the networks in the rule move over to the new gateway.

The new gateway stayed active also after removing the single static routing.

The test was done pinging from a PC behind the firewall. The ping was stopped and restarted, but it was still coming from the same command window.

Is it possible to force a change in the gateway of an SD WAN rule to activate immediately, even for existing connections?



  • An addendum:
    DaveshM has already given me an answer to a similar question.
    But it involves using a command line to kill active routes to single networks.
    But some SD WAN rules in this constellation contain around 40 networks.
    It is not practicable to kill the route to each network by hand when doing a change of gateway.
    That's the direction of my question.
    Is there a way to force the change without having to manually kill the connections over the console?