Security Gateway Manual SG-3100
2.5.5 Firewall Rules
By default there are no rules on the new interface, so the firewall will block all traffic. This is ideal for a WAN, so is
safe to leave as-is. Adding services on the new WAN, such as VPNs, may require rules but those should be handled
on a case-by-case basis.
Warning: Do not add any blanket “allow all” style rules on any WAN.
2.5.6 Gateway Groups
Gateway Groups do not control traffic directly, but can be used in other places, such as firewall rules and service
bindings, to influence how those areas use gateways.
For most scenarios it helps to create three gateway groups to start with: PreferWAN, PreferWAN2, and
LoadBalance:
• Navigate to System > Routing, Gateway Groups tab
• Click Add to create a new gateway group
• Configure the group as follows:
Group Name PreferWAN
Gateway Priority Gateway for WAN on Tier 1, and WAN2 on Tier 2
Description Prefer WAN, fail to WAN2
• Click Save
• Click Add to create another gateway group
• Configure the group as follows:
Group Name PreferWAN2
Gateway Priority Gateway for WAN on Tier 2, and WAN2 on Tier 1
Description Prefer WAN2, fail to WAN
• Click Save
• Click Add to create another gateway group
• Configure the group as follows:
Group Name LoadBalance
Gateway Priority Gateways for WAN and WAN2 both on Tier 1
Description Prefer WAN2, fail to WAN
Note: This performs connection-based load balancing, not per-packet load balancing.
• Click Save
• Click Apply Changes
© Copyright 2022 Rubicon Communications LLC 50
To Next Page
Loading...
