We have updated our SSO (Single Sign On) - Login to all Zyxel Systems with a MyZyxel Account! Learn More!

Open Article
English Български Čeština Dansk Deutsch Español Suomi Français Magyar Italiano Nederlands Norsk Polski Română Русский Slovenčina svenska Türkçe

How to Set Up Two ISPs in One Switch VLAN icon

Avatar
  • Updated
Back to top

A business may need to connect two different ISPs to the same switch. This connection option can be helpful for both single-firewall and dual-firewall configurations using HA Pro mode. In our example, we will consider a configuration with two firewalls that work in HA Pro mode.  
mceclip0.png

1. HA Pro Setup

2. Switch Setup

3. Firewall Setup 

 

1. HA Pro Setup

In our example, we first configured HA Pro mode on our devices. To configure HA Pro mode, use the article in our database: Firewall - Configure Device HA Pro

2. Switch Setup

We used the GS2220-10HP switch in our example, but you can use any other Zyxel switch that supports VLAN.  

Enter the web GUI and go to  Menu > Advanced Application > VLAN > VLAN Configuration > Static VLAN Setup

- Check mark in the "ACTIVE" field
- Set a friendly name in the "Name" field
- Specify the VLAN GroupID for one of the providers

In our case, 3 ports are needed for each provider. One incoming for the ISP and 2 outgoings, one for each firewall.
- Select ports 2, 3, and 4 as Fixed and no tag is needed. All other ports switch to "Forbidden".
- Click “Add”.

Now we need to create a VLAN for our second ISP.

Now we need to specify the PVID for our VLANs. 
Menu > Advanced Application > VLAN > VLAN Configuration > VLAN Port Setup.
- Set port 2,3,4 as PVID=100 (VLAN 100) and port 5,6,7 as PVID=200 (VLAN 200).
- Click "Apply"

After making all the changes, be sure to click "Save". If this is not done after rebooting the switch, the changes will not be saved.


It is recommended to disable VLAN1 on the ports we used for VLAN100(ISP1) and VLAN200(ISP2). This will protect you from accidental connections to other ports of the switch. 



3. Firewall Setup

Now we need to configure WAN1 and WAN2 on our firewall. Since our firewalls work in HA Pro mode, all settings need to be done only on the active device. Then the settings are automatically copied to the passive device. Depending on how your ISP will issue an IP address, static or by DHCP, you will need to make the appropriate settings. In our case, we have static IP addresses. 

Enter the web GUI and go to Configuration ⇾ Network ⇾ Interface ⇾ Ethernet



- Enter the necessary data for your connection, IP, mask and gateway of your ISP.

- Click "OK".

 

 

https://support.zyxel.eu/hc/requests/new?ticket_form_id=114093996354
Was this article helpful?
1 out of 1 found this helpful
Have more questions? Submit a request

Related articles

Comments

0 comments

Please sign in to leave a comment.