Security Gateway Manual SG-2100
• Uncheck DNS Server Override
This will tell the firewall to use the DNS servers entered on this page and to ignore servers provided by dynamic
WANs such as DHCP or PPPoE. Occasionally these providers may push conflicting DNS server information so
the best practice is to assign the DNS servers manually.
• Click Save
Note: If the DNS Resolver has specific outgoing interfaces selected in its configuration, select the new WAN there
well as well.
11.8 Setup Policy Routing
Policy routing involves setting a gateway on firewall rules which direct matching traffic out specific WANs or failover
groups.
In simple cases (one LAN, no VPNs) the only requirement to configure policy routing is to add a gateway to existing
rules.
• Navigate to Firewall > Rules, LAN tab
• Edit the default pass rule for the LAN
• Click Display Advanced
• Set the Gateway to one of the gateway groups based on the desired LAN client behavior.
For example, pick PreferWAN so clients use WAN and then if WAN fails, they use WAN2.
• Click Save
• Click Apply Changes
If there are other local networks or VPNs which clients on LAN must reach, add rules above the default pass rules to
pass local traffic without a gateway set:
• Navigate to Firewall > Rules, LAN tab
• Click to add a new rule at the top of the list
• Configure the rule as follows:
Action Pass
Interface LAN
Protocol Any
Source LAN net
Destination The other local subnet, VPN network, or an alias of such networks.
Description Pass to local and VPN networks
Do not set a gateway on this rule.
• Click Save
• Click Apply Changes
© Copyright 2022 Rubicon Communications LLC 55
To Next Page
Loading...
Need help?
General
