Configure two WAN for WIFI zone

Question

Added second WAN zone network port5 
 ipv4 192.168.101.2/27 gateway ip 192.168.101.1 
 SSID new network

DHCP 
 
 Firewall Rule

WAN link manager information

able to connect Tablet to Wifi and i get DCHP release result block firewall rule not matched. if i remove port 5 and select any the traffic goes from port 2 original WAN zone interface which i do not want to use at all. 
 
 I must create new wifi and route the traffic on separate WAN interface

I would appreciate some help and confirm what is wrong with my configuration. 
 Thank you

LuCar Toni · Accepted Answer

Do not use #Port5 in anything. It will not work. It is the wrong approach. 
 Replace Port5 in the firewall rule with ANY. 
 Replace Port5 in the SD-WAN Rule with ANY.

LuCar Toni · Answer

Your Firewall Rule allows traffic to the interface itself. 
 IF you want to allow traffic to WAN, remove the #Port object and use ANY. SFOS will take care to match it for all WAN Interfaces. 
 The #Port Interface is the IP of the interface itself and does not include all traffic going out to this interface.

LuCar Toni · Answer

And if you want to route the traffic only over the second WAN Interface, you have to create a SD-WAN Route for this. Simply configure the WAN2 as Backup in WAN link manager (so no other traffic will use it) and create a SD-WAN Route for your Wireless LAN as Source and Destination Internetv4 - Then use the WAN2.

__________________________________________________________________________________________________________________

Configure two WAN for WIFI zone

Top Replies