SNAT on 2nd (passive) ISP Link no longer working since R70.20

2010-01-04, 10:41
I noticed something strange ever since we went from R70 to R70.20

I use to be able to Statically NAT a single host on the secondary ISP Link (active/passive config) and have it go out on that link without any issues.

Ever since we upgraded from R70 no HFA to R70.20, this is no longer possible.

It appears the packet is routed FIRST then NATed from what I could see with FW monitor. This was NOT the case before and we had been running like that ever since R70 first came out...

I know ISP Redundancy requires the Advanced Networking Blade to work and we do have it so this is quite strange.

2010-01-08, 07:15
Could you give us more detail on the NAT rule in place ?

2010-01-17, 11:51
I wouldn't have thought they'd have broken the actual code that implements the feature, but I would check your configuration. Perhaps the upgrade munged it in a certain way.

Verify all the GUI locations that refer to ISP redundancy, and check they reflect that in your previous version.

Maybe you'll see an irregularity.