Multi-WAN failover works - sort of

[vico1959]

So I have a multi-WAN failover setup using a gateway group and it works initially when I pull the physical netork cable for the primary WAN connection BUT what happens is a minute later the primary WAN shows as online and it switches back over even though it is physically unplugged so it cannot be online. It then continues to cycle between the two WAN connections being active because it is alternately stating that the primary WAN is up and then down and then up and then down. How can I fix this and make it reliable? I mean it can't possibly be reaching the monitor IP on the primary and yet it thinks it is up every 30 seconds or so. In fact I can sit here and refresh the screen on the single gateway page and nearly every refresh it is seeing the status as changed for that primary WAN. The failover is setup to switch when an interface is down as opposed to latency or packet loss. The second WAN is a Verizon wireless 4G LTE router that is connected with a wired ethernet connection to the firewall. The latency is obviously more than our primary cable connection but typically is in the 40-50ms range so not anything crazy. Please help if you can. Thanks.

P.S. - I forgot to say that I can get it to stay permanently on the second WAN if I mark the primary as down but the primary status still shows as online. Also I have noticed that everytime I make a change to the primary gateway and save it, such as marking as down or not, as soon as I save it then it shows as down and then if I refresh then it shows as online. I'm really baffled.

[vico1959]

I may have figured out my own issue. I had also messed around with the priority and weight settings and when I set them both back to 1 on both interfaces and just let the Tier settings do the choosing then it looks like it is working correctly.

[tong2x]

good for you

[vico1959]

Well it was wishful thinking. It is still completely unreliable. Today our cable Internet is not having issues but the firewall keeps intermittently switching over to the failover Tier 2 gateway and continues alternating between the two. I've had to mark the failover gateway as down in order to fix it for now. Can anybosy help me with this. I sure wish stuff would work the way it is supposed to, it would make life much easier. 

[vico1959]

Anyone?

[vico1959]

Okay, once again I think I may have it licked. It has been working properly for 3 days straight now. I did a lot of tweaking so I'm not quite sure what the exact combination that made it stick is but all I know is that for any developers listening, failover WAN does not work very well like it should, at least not like I would expect it to. Some of the parameters must not be functioning reliably yet. Please do some testing and tweaking for future updates please. Thank you.

[tong2x]

i guess the issue is the trigger or the lack of correct trigger?

well just post here again if you have further notes

[vico1959]

Well for me I think what worked was under Settings/General I had to check the allow default gateway switching to make it reliable and then I also had to check allow DNS server list to be overridden for the DNS to work reliably over the 4G DHCP connection. What I would recommend would be to have a failsafe WAN failover wizard that could be run and would make all the necessary changes by answering a couple of questions. As it is you have to go to several places to figure out what needs to be checked and setup in order to make it function correctly and nothing in the main areas tells you this so it is not intuitive.