Hi,
I just found out that UTM 9.4 multipath rules are stateless. I set up both my internal and external interfaces with a gateway, so I expected to route freely to any interface and not have to care about return packets. With policy routes I must also write rules for return packets, but to route back to the right WAN interface the firewall must get information from the state table. For example, when a connection comes from wan1 to lan, the return packet's incoming interface is lan, the source is some internal IP and the destination is any. But when a connection comes from wan2, it is the same. The only chance is to use the state table.

So I made both lan and wan gateway interfaces and made a multipath rule to wan. But return packets didn't come back. After I also made a multipath rule from wan to lan, return packets came back. So why the heck do I need lan to be a gateway interface at all, if state information is still missing?

So then I set lan back to "without gateway interface" and used policy routing to route return packets back to the internal machine. The multipath rule still stayed from lan to wan, because I also have other WANs (with a gateway set up) and I used a statically bound multipath rule for the interface. But still nothing. Then I made a static route and return packets came back. It seems like totally buggy stuff when static route rules work but policy route rules do not.

I also noticed another anomaly - sometimes a policy route rule for some other internal subnet allows connections (it gets return packets) for a completely different subnet. So when I activated the policy route rule for the 12.0 subnet, the 100.0 subnet started working. How can this happen at all? It's a total mess. UTM 9.4 just doesn't work.