How to Enable Functional Fail-back on a USG/USG-Pro-4 #
PROMPT: You notice issues with your USG/USG-Pro-4 stuck on WAN2 after a failover event from WAN1.
Resources: #
Reddit Thread on Topic
UI help article on Advanced Gateway Config
^^ Looks like Ubiquiti removed this article lol.
Here is a link to the site from the internet archive. Or
here is a PDF of webpage downloaded from the internet archive.
Prerequisites: #
- You have set up both WAN1 and WAN2 on the USG/USG-Pro-4 and have configured Load balancing to be set to Failover mode.
- Access:
- You have a VPN set up to the site.
- You are currently at the site.
- You are connected into a PC which is on the site.
Steps: #
- Login to the UniFi Network Application and use the site switcher at the top left to switch to the active site.
- Go to Settings at the bottom of the left sidebar (gear icon), then System, then Advanced.
- Scroll Down to ‘Device Authentication’ and make note of the username and password.
- If this is blank, then enable ‘Device SSH Authentication’ and type in a secure username and password. Apply Changes.
- Depending on your form of access, open up PowerShell/bash on your computer, or the computer that is currently on the site.
- Type
ssh username@IP-of-USG/USG-Pro-4
then type in the password.- If prompted about storing a fingerprint, just type
yes
.
- If prompted about storing a fingerprint, just type
- Now that you are in, type the following commands exactly in this order:
configure
set load-balance group wan_failover flush-on-active enable
commit
save
exit
- Close out of PowerShell
- RDS/SSH/SCP onto your UniFi Network Application host.
- Once connected, navigate to the Network Application base location, then go to \data\sites.
- On Windows the base location is C:\Users\user-who-installed-net-app\Ubiquiti UniFi
- Back on the Network Application web interface, make sure you are in the affected site.
- In the URL, you should see https://ip-address:8443/manage/random-string. Make note of the random string.
- Back in the sites folder, navigate inside the folder named the random string. Place the following file into that folder.
- Insert config.gateway.json file
- You are all set, at some point restart the USG/USG-Pro-4 and then test to verify that fail-back now works.