Operational Defect Database
BugZero found this defect 1967 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
WatchGuard Technologies | kA10H000000g3UFSAY
Outbound traffic without Dynamic NAT fails when Firebox with v12.1.x configured for both Multi-WAN and Dynamic Routing
Last update date:
1/8/2019
Affected products:
Firebox M200
Firebox M300
Firebox M270
Firebox M370
Firebox M470
Firebox M570
Firebox M670
Firebox M290
Firebox M390
Firebox M400
Firebox M500
Firebox M440
Affected releases:
All
Fireware
12.x
12.1.x
12.1
12.1.1
12.1.3
Fixed releases:
All
Description:
Issue
If your Firebox is configured for both multi-WAN and dynamic routing, the Firebox could fail to pass outbound traffic that does not use Dynamic NAT. This occurs most often when you have a public IP address on a host inside the network.
Workaround/Solution
This issue does not occur if a Proxy policy handles the outbound traffic. As an alternative, you can use Policy-Based Routing to force the connections to use an interface that will apply Dynamic NAT.
