Security Gateway Manual SG-2100
Gateway IPv4 The IPv4 address of the gateway inside the same subnet.
Description Optional text describing the purpose of the gateway.
– Click Add
– Ensure the new gateway is selected as the IPv4 Upstream Gateway
• Check Block private networks
This will block private network traffic on the interface, though if the firewall rules for this WAN are not permis-
sive, this may be unnecessary.
• Check Block bogon networks
This will traffic from bogus or unassigned networks on the interface, though if the firewall rules for this WAN
are not permissive, this may be unnecessary.
• Click Save
• Click Apply Changes
The presence of a selected gateway in the interface configuration causes the firewall to treat the interface as a WAN
type interface. This is manual for static configurations, as above, but is automatic for dynamic WANs (e.g. DHCP,
PPPoE).
The firewall applies outbound NAT to traffic exiting WAN type interfaces but does not use WAN type interface net-
works as a source for outbound NAT on other interfaces. Firewall rules on WAN type interfaces get reply-to added
to ensure traffic entering a WAN exits the same WAN, and traffic exiting the interface is nudged toward its gateway.
The DNS Resolver will not accept queries from clients on WAN type interfaces without manual ACL entries.
See also:
Interface Configuration
11.4 Outbound NAT
For clients on local interfaces to get to the Internet from private addresses to destinations through this WAN, the
firewall must apply Outbound NAT on traffic leaving this new WAN.
• Navigate to Firewall > NAT, Outbound tab
• Check the current outbound NAT mode
If the mode is set to Automatic or Hybrid, then this may not need further configuration. Ensure there are rules for the
new WAN listed as a Interface in the Automatic Rules at the bottom of the page. If so, skip ahead to the next section.
If the mode is set to Manual, create a new rule or set of rules to cover the new WAN.
If there are existing rules in the Mappings table, they can be copied and adjusted to use the new WAN. Otherwise,
create them manually:
• Click to add a new rule at the top of the list.
• Configure the rule as follows:
Interface Choose the new WAN interface (e.g. WAN2)
Address Family IPv4
Protocol Any
© Copyright 2022 Rubicon Communications LLC 52
To Next Page
Loading...
Need help?
General
