How can I route some or all WAN traffic through a backup WAN?
03/26/2020 254 41533
When a SonicWall has two or more Internet Service Provider WAN Links, and you want to force only certain IP Addresses or types of traffic through one specific ISP, you must create a policy based route for that traffic.
For the purposes of this article we'll use HTTP traffic as an example. However the steps performed below can apply to any type of traffic, or all traffic from any IP Addresses on your network.
- Login to the SonicWall management GUI.
- Click MANAGE on the top bar ,navigate to Network and the click Routing.
- Click Add to create a Static Route. In the pop-up window there are several options available to you, all of which are important to understand.
- The Source field refers to where the traffic will be coming from. In the below example we want to apply this Route to any traffic coming from any Interface with the LAN designation.
- The Destination field refers to where the traffic is going. In the below example we select Any since we can't list all the destinations, instead we're specifying by Protocol.
- The Service field refers to the type of traffic this Route should apply to. We've selected HTTP, so any packets going over Port 80 which ALSO come from a LAN Zone Interface/Subnet will be subject to this Route.
- The Gateway field is where the traffic will be sent to. In this instance we have our Backup ISP on the X2 Interface and want to use it for this HTTP traffic, so we select the X2 Default Gateway.
- The Interface field is what Interface the Gateway we've chosen exists on. In this case we're using our ISP on X2, so we choose X2.
NOTE: The Metric field refers to what weight this Route should have, with lower being a higher priority. In this example we've chosen 10.
NOTE: The example above can be applied to many other types of Routes. Instead of HTTP you can use any Protocol you wish, the SonicWall has many Services programmed in by default and also allows you to make your own under Firewall | Service Objects. Source and Destination Objects can be created under Network | Address Objects.
CAUTION: Remember when creating a Route that it will take effect immediately. Always make sure to have your Gateway and Interface set properly to avoid problematic routing.
TIP: Probe-Enabled Policy Based Routing Configuration please refer Enabling Probing On Static Routes.