I figured out what the issue was. I was missing the following modify rule in the firewall. I also added the "firewall in modify balance" rule to the LAN interfaces. Am I supposed to add that to all of my LAN interfaces? It seemed to work without it, but the examples I saw and wizard had the rule added to the LAN interface.
Firewall modify rule:
modify balance {
rule 10 {
action modify
description "do NOT load balance lan to lan"
destination {
group {
network-group PRIVATE_NETS
}
}
modify {
table main
}
}
rule 20 {
action modify
description "do NOT load balance destination public address"
destination {
group {
address-group ADDRv4_eth0
}
}
modify {
table main
}
}
rule 30 {
action modify
description "do NOT load balance destination public address"
destination {
group {
address-group ADDRv4_eth1
}
}
modify {
table main
}
}
rule 70 {
action modify
modify {
lb-group G
}
}
}
Interfaces:
ethernet eth0 {
address dhcp
description "WAN 1"
duplex auto
firewall {
in {
name WAN_IN
}
local {
name WAN_LOCAL
}
}
speed auto
}
ethernet eth1 {
address dhcp
description "WAN 2"
duplex auto
firewall {
in {
name WAN_IN
}
local {
name WAN_LOCAL
}
}
speed auto
}
ethernet eth2 {
address 10.0.0.254/24
description "LAN 1"
duplex auto
firewall {
in {
modify balance
}
}
speed auto
}
ethernet eth3 {
description "LAN 2 (Wireless)"
duplex auto
firewall {
in {
modify balance
}
}
poe {
output 24v
}
speed auto
}
ethernet eth4 {
description "LAN 2 (Wireless)"
duplex auto
firewall {
in {
modify balance
}
}
poe {
output 24v
}
speed auto
}
ethernet eth5 {
description SFP
disable
duplex auto
speed auto
}
loopback lo {
}
switch switch0 {
address 10.0.1.254/24
description "LAN 2 Switch"
firewall {
in {
modify balance
}
}
mtu 1500
switch-port {
interface eth3 {
}
interface eth4 {
}
vlan-aware disable
}
}