Security Gateway Manual SG-2100
Source Network, and fill in the LAN subnet, e.g. 192.168.1.0/24.
If there is more than one LAN subnet, create rules for each or use other methods such as aliases
or CIDR summarization to cover them all.
Destination Any
Translation Address Interface Address
Description Text describing the rule, e.g. LAN outbound on WAN2
• Click Save
• Click Apply Changes
Repeat as needed for additional LANs.
11.5 Firewall Rules
By default there are no rules on the new interface, so the firewall will block all traffic. This is ideal for a WAN, so is
safe to leave as-is. Adding services on the new WAN, such as VPNs, may require rules but those should be handled
on a case-by-case basis.
Warning: Do not add any blanket “allow all” style rules on any WAN.
11.6 Gateway Groups
Gateway Groups do not control traffic directly, but can be used in other places, such as firewall rules and service
bindings, to influence how those areas use gateways.
For most scenarios it helps to create three gateway groups to start with: PreferWAN, PreferWAN2, and
LoadBalance:
• Navigate to System > Routing, Gateway Groups tab
• Click Add to create a new gateway group
• Configure the group as follows:
Group Name PreferWAN
Gateway Priority Gateway for WAN on Tier 1, and WAN2 on Tier 2
Description Prefer WAN, fail to WAN2
• Click Save
• Click Add to create another gateway group
• Configure the group as follows:
Group Name PreferWAN2
Gateway Priority Gateway for WAN on Tier 2, and WAN2 on Tier 1
Description Prefer WAN2, fail to WAN
© Copyright 2022 Rubicon Communications LLC 53
To Next Page
Loading...
Need help?
General
