Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Watchguard External Interface Setup

Status
Not open for further replies.
andyatthowe

andyatthowe

Technical User
Sep 20, 2012
5
GB
Hi,

I am setting up my first Watchguard device which is a XTM 2 series device (XTM22). I have two WAN connections I want to use with this. One is an existing ADSL line with 5 static IP addresses and a ISP managed cisco router, the other is a new dedicated IP Feed also with 5 static ip addresses and an ISP managed router. Both are provided by the same ISP, using the same DNS servers. I have the watchguard configured in mixed routing mode, I have the first interface configured as external with the details of the ADSL connection. The second interface as the trusted internal nertwork, when I try to configure the IP Feed on another interface I run into an issue. I set it up as an external connection, enter all the details but when I try to save it comes back with error 126 it is in the same subnet as the ADSL interface. How can I get round this and set it up how I want, which is the IP Feed as the main connection and the ADSL to kick in if the IP Feed drops?


ADSL IP: 212.2.*.*

IP Feed: 212.30.*.*


Thanks


Andy
 
Sort by date Sort by votes
Is one a leased line? If so, shouldn't the ADSL be connected to the managed router on the Leased Line?

Anyway, I just tried this on an XTM25 on 11.6.1 and it didn't complain. I have to admit, it didn't have a multi-wan licence, but it didn't complain during the configuration.

Can you send me the config? (use drop box or something)

ACSS - SME
General Geek



1832163.png
 
Upvote 0 Downvote
Upvote 0 Downvote
The new connection I am trying to setup is a leased line, I know both connections have their managed routers provided by the ISP. I was hoping to be able to use the leased line\IP Feed as always on and the main connection with the ADSL being plugged in and kicking in if the leased line drops (Based on a ping failover or similar).
 
Upvote 0 Downvote
Oh I see your error - the /1 you are using for your mask bits!!!

if you have 5 IPs Im guessing a .248 net mask? so thats a /29 network!



ACSS - SME
General Geek



1832163.png
 
Upvote 0 Downvote
Thanks you are spot on, I had got the configuration to go through using the policy manager instead of the web interface. I will edit it now, so should I use the /29 for all the ip's listed i.e. the main one on the interface and then the secondary ip's as well?
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

ciscokid1984
  • Locked
  • Question
Watchguard RDP from external network
Replies
1
Views
152
hairlessupportmonkey
hairlessupportmonkey
TheFireman2
  • Locked
  • Question
Help with Watchguard Firebox M200 setup as a TMG 2010 replacement with ASA 5515 as main firewall
Replies
1
Views
110
hairlessupportmonkey
hairlessupportmonkey
cambo2k
  • Locked
  • Question
Watchguard or Cisco?
Replies
1
Views
76
hairlessupportmonkey
hairlessupportmonkey
ttrsux
  • Locked
  • Question
Error opening IKE port 4500 on Interface outside
Replies
0
Views
128
ttrsux
ttrsux
TierOneTech
  • Locked
  • Question
TZ105 - can I define a second WAN interface for failover?
Replies
1
Views
74
jcarmichael1203
jcarmichael1203

Part and Inventory Search

Sponsor

Back
Top