XG210 (SFOS 16.05.8 MR-8) Outgoing issue with Source NAT to Alias IPs

Question

Dear All, 
 
 I am currently deploying an XG210. 
 My ISP provides me with 2 sets of IPs say 1.1.1.1/30 and 2.2.2.0/29 
 They gave me a default gateway of 1.1.1.2 and told me that I can use the WAN IP ranges from 2.2.2.1 - 2.2.2.7 
 I created a WAN interface on port 2 with IP address 1.1.1.1/30 and 1.1.1.2 as gateway and then added an alias interface on it with 2.2.2.1/32 ... 2.2.2.7/32. 
 Then I created a "Permit LAN Any to WAN Any" using the IP range 2.2.2.1 - 2.2.2.7 as the outgoing NAT IP Addresses. 
 
 Am I using the alias interface correctly? 
 As I saw from the live log the only Outgoing DNS traffics has outgoing port set to port 2 while other traffics (TCP/443 etc) shows nothing on the outgoing port and the connection seems to have failed.

I was migrating from a WatchGuard XTM device and it was working on the old unit. 
 Anyone can suggest some idea how to locate the fault?

Ronak Sheth · Answer

Hi Chris, 
 
 This may be due to ARP registration issue for your Alisa IP on default gateway. 
 
 kindly login to you XG console using putty(SSH) and select option 4 (Console) and run the following command for all Alias IP addresses. 
 system diagnostics utilities arp ping source 2.2.2.1 interface Port2 114.143.228.33 
 You should receive output as following. 
 Unicast reply from 1.1.1.2 [0:80:2a:b3:a5:c3] 48.889ms 
 Unicast reply from 1.1.1.2 [0:80:2a:b3:a5:c3] 48.889ms 
 Unicast reply from 1.1.1.2 [0:80:2a:b3:a5:c3] 48.889ms 
 Kindly replace 2.2.2.1 with your Alias IP and 1.1.1.2 with your default gateway. 
 
 Regards, Ronak.