Single WAN always active with multiple WAN ifaces?

same here in the working setup (on the Nethserver):

# ping -w 1 -I br0 192.168.99.138
PING 192.168.99.138 (192.168.99.138) from 10.0.9.100 br0: 56(84) bytes of data.

--- 192.168.99.138 ping statistics ---
1 packets transmitted, 0 received, 100% packet loss, time 0ms

The default route on the Nethserver is to RED (eth2 in my case) which makes sense:

# ip route
default via WW.XXX.YYY.ZZZ dev eth2
WWW.XXX.YYY.0/24 dev eth2 proto kernel scope link src WWW.XXX.YYY.ZZZ 
10.0.9.0/24 dev br0 proto kernel scope link src 10.0.9.100
192.168.99.0/24 dev eth3 proto kernel scope link src 192.168.99.1

@mark_nl
I have installed a new nethserver and used your example from above andit still doesn’t work.

on the green client:
ip route
default via 10.20.35.1 dev ens18
10.20.35.0/24 dev ens18 proto static scope link src 10.20.35.69

on the blue client:
ip route
default via 192.168.203.180 dev ens18
192.168.203.0/24 dev ens18 proto static scope link src 192.168.203.69

2021_08_31_10_43_19_Network_localhost.testokab_Brave1000×573 32.2 KB

IMVHO route on green should not be necessary.
But remember than…
GREEN -> BLUE OK
BLUE -> GREEN KO, unless specific rule is created on firewall.

Hi @lonnestig, Do not see something wrong in this configuration… I’m out of options,

Maybe @Andy_Wismer (or someone else) has some suggestions ?

Sry, on the road with only an iPhone…
Maybe later, when back home. That will be around 18:00 MET…

My 2 Cents
Andy

Thank you all for your input and help!
We have managed to get it running, both in the test and and production environment.

The problem was that I needed to have the gateway set on all the clients to the nethserver. I don’t know why it’s required, when it’s not required in our current network Zyxel solution.

Our next challenge is to change the gateway on all our clients and servers.
We would like to be able to reach our different networks without setting our gateway, like it works when you set all interfaces to RED.