5 Replies Latest reply on Mar 16, 2012 11:34 AM by shammi kumar

    McAfee SG565 - Help on VLAN Failover

      Hi,

       

      We are using  McAfee/SG565 with firmware Version 4.0.10. (have 1WAN and 4LAN port)

       

      Now we have two Internet Lease line.

      1) TATA (Primary)

      2) YouTelecom (Secondary)

       

      Primary is connected to WAN port  direct connection and internet is working.

       

      Secondary is connected VLAN port direct connection ( I have assigned IP, subnet and dns of secondary ISP) this Internet is not working

       

      and also i have configure Failover on (Failover process is working)

       

      Name               Port               Primary            Secondary            Tertiary

      Youtelcom                 A                 

      Disabled              

                            

      Enabled                            

                   

      Disabled

                                   

       

                   
      TATAB

      Enabled

                   

      Disabled

                                  

      Disabled

       

      What configuration i have to do for my secondary ips, which port, how to test??

       

      Regards,

       

      Surendra

        • 1. Re: McAfee SG565 - Help on VLAN Failover

          Hi,

           

          you can isolate one of lan ports( by enabling port based VLan) and then you can configure that port as ur secondary internet conenction,

           

          Below is diffrence of required as well enabled options;

           

           

          If you're configuring failover:

          • If you have only a single Internet connection at a connection level, setting the connection to Enabled or Required has the same affect.
          • If you have multiple Internet connections at a connection level, refer to the two tables below to see the affect of each setting.

            When an Enabled Primary connection fails, the appliance switches to another Primary connection if available. In the following example, if Port B fails, the appliance switches to Port A4 if it is up. If it is not up, the appliance switches to COM1.

            Primary SecondaryTertiary
            Port B Enabled Disabled
            Port A4 Enabled Disabled
            COM1 Disabled Enabled

            When a Required Primary connection fails, the appliance switches to the Secondary level, even if other Primary connections are available. In the following example, if Port B fails, the appliances switches to COM1, even if Port A4 is up.

            Primary SecondaryTertiary
            Port B Required Disabled
            Port A4 Enabled Disabled
            COM1 Disabled Enabled

            Similarly, when an Enabled Secondary connection fails, the appliance switches to another Secondary connection if available. When a Required Secondary connection fails, the appliance switches to the Tertiary level, even if other Secondary connections are available.

           

           

          You can test the internet failover by unplugging the main internet connection and snapgear will switch to another internet conenction after sometime.

          • 2. Re: McAfee SG565 - Help on VLAN Failover

            Hi,

             

            I have two internet connections

             

            which i have connected to WAN port, internet is working.

             

            how do i connect second ISP? and test it?

             

            Thanks for your reply..

             

            Regards,

             

            Surendra

            • 3. Re: McAfee SG565 - Help on VLAN Failover

              Hello,

               

              If you have second ISP. and wants to setup second internet connection on UTM.

               

              You need to isolate or detach one port out of 4 lan ports (By default all of them behave as a switch until you isolte them).

               

              Here are steps:For isolating one of lan port from rest of other ports & using that port as second internet connection once isolated.

               

              1. Select the Modify icon on the right hand side for the LAN interface under Network Setup, Connections.
              2. Select Ethernet Configuration and select the Enable port-based VLANs option.
              3. Navigate to Network Setup, Connections and use the Add button at the bottom to add a VLAN.
              4. Enter in an unused VLAN ID field, such as 3, and then select the Untagged option for the appropriate port on the 4 port switch that you wish to use as an additional WAN, LAN, or DMZ connection.
              5. Under Network Connections you should have a new interface for the port you selected in step 4 that you can configure as desired, such as ADSL, Direct Connection, or Cable Modem.
              6. set up the internet failover as mentioned in my previous reply.
              7. once you are done. unplug one of internet conenction and second internet conenction will come into play, this way you can  test internet failover.
              • 4. Re: McAfee SG565 - Help on VLAN Failover

                Hi,

                 

                I have SG 565 and updated to firmware  4.0.10.

                 

                step 2 - enable port-based VLANs option is missing... / i was not able to find

                 

                 

                if you want to look at f/w settings, you can add gtalk id and pingme  so i can give a acess.. : rsurendra.p@gmail.com

                 

                Regards,

                 

                surendra