Main Menu
  • COMPANY
    • Boundless Cybersecurity
    • Press Releases
    • News
    • Awards
    • Leadership
    • Press Kit
    • Careers
  • PROMOTIONS
    • Customer Loyalty Program
  • MANAGED SERVICES
    • Managed Security Services
    • Security as a Service
    • Professional Services
SonicWall
  • Products
    • Network Security
      • Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
      • Security ServicesComprehensive security for your network security solution
      • Network Security ManagerModern Security Management for today’s security landscape
    • Advanced Threat Protection
      • Capture ATPMulti-engine advanced threat detection
      • Capture Security applianceAdvanced Threat Protection for modern threat landscape
    • Access Security
      • Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
      • Secure Mobile AccessRemote, best-in-class, secure access
      • Wireless Access PointsEasy to manage, fast and secure Wi-FI
      • SwitchesHigh-speed network switching for business connectivity
    • Email Security
      • Email SecurityProtect against today’s advanced email threats
    • Cloud Security
      • Cloud App SecurityVisibility and security for Cloud Apps
      • Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
    • Endpoint Security
      • Capture ClientStop advanced threats and rollback the damage caused by malware
      • Content Filtering ClientControl access to unwanted and unsecure web content
    • Product Widgets
      • Product Menu Right Image
      • Capture Cloud Platform
        Capture Cloud Platform

        A security ecosystem to harness the power of the cloud

    • Button Widgets
      • Products A-Z
        all products A–Z FREE TRIALS
  • Solutions
    • Industries
      • Distributed Enterprises
      • Retail & Hospitality
      • K-12 Education
      • Higher Education
      • State & Local
      • Federal
      • Healthcare
      • Financial Services
      • Carriers
    • Use Cases
      • Secure SD-Branch
      • Network Segmentation
      • Zero Trust Security
      • Secure SD-WAN
      • Office 365 Security
      • SaaS Security
      • Secure WiFi
    • Solutions Widgets
      • Solutions Content Widgets
        Federal

        Protect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions

      • Solutions Image Widgets
  • Partners
    • SonicWall Partners
      • Partners Overview
      • Find a Partner
      • Authorized Distributors
      • Technology Partners
    • Partner Resources
      • Become a Partner
      • SonicWall University
      • Training & Certification
    • Partner Widgets
      • Custom HTML : Partners Content WIdgets
        Partner Portal

        Access to deal registration, MDF, sales and marketing tools, training and more

      • Partners Image Widgets
  • Support
    • Support
      • Support Portal
      • Knowledge Base
      • Technical Documentation
      • Community
      • Video Tutorials
      • Product Life Cycle Tables
      • Partner Enabled Services
      • Contact Support
    • Resources
      • Resource Center
      • Free Trials
      • Blog
      • SonicWall University
      • MySonicWall
    • Capture Labs
      • Capture Labs
      • Security Center
      • Security News
      • PSIRT
      • Application Catalog
    • Support Widget
      • Custom HTML : Support Content WIdgets
        Support Portal

        Find answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials

      • Support Image Widgets
  • COMPANY
    • Boundless Cybersecurity
    • Press Releases
    • News
    • Awards
    • Leadership
    • Press Kit
    • Careers
  • PROMOTIONS
    • Customer Loyalty Program
  • MANAGED SERVICES
    • Managed Security Services
    • Security as a Service
    • Professional Services
  • Contact Sales
  • English English English en
  • BLOG
  • CONTACT SALES
  • FREE TRIALS
  • English English English en
SonicWall
  • Products
    • Network Security
      • Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
      • Security ServicesComprehensive security for your network security solution
      • Network Security ManagerModern Security Management for today’s security landscape
    • Advanced Threat Protection
      • Capture ATPMulti-engine advanced threat detection
      • Capture Security applianceAdvanced Threat Protection for modern threat landscape
    • Access Security
      • Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
      • Secure Mobile AccessRemote, best-in-class, secure access
      • Wireless Access PointsEasy to manage, fast and secure Wi-FI
      • SwitchesHigh-speed network switching for business connectivity
    • Email Security
      • Email SecurityProtect against today’s advanced email threats
    • Cloud Security
      • Cloud App SecurityVisibility and security for Cloud Apps
      • Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
    • Endpoint Security
      • Capture ClientStop advanced threats and rollback the damage caused by malware
      • Content Filtering ClientControl access to unwanted and unsecure web content
    • Product Widgets
      • Product Menu Right Image
      • Capture Cloud Platform
        Capture Cloud Platform

        A security ecosystem to harness the power of the cloud

    • Button Widgets
      • Products A-Z
        all products A–Z FREE TRIALS
  • Solutions
    • Industries
      • Distributed Enterprises
      • Retail & Hospitality
      • K-12 Education
      • Higher Education
      • State & Local
      • Federal
      • Healthcare
      • Financial Services
      • Carriers
    • Use Cases
      • Secure SD-Branch
      • Network Segmentation
      • Zero Trust Security
      • Secure SD-WAN
      • Office 365 Security
      • SaaS Security
      • Secure WiFi
    • Solutions Widgets
      • Solutions Content Widgets
        Federal

        Protect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions

      • Solutions Image Widgets
  • Partners
    • SonicWall Partners
      • Partners Overview
      • Find a Partner
      • Authorized Distributors
      • Technology Partners
    • Partner Resources
      • Become a Partner
      • SonicWall University
      • Training & Certification
    • Partner Widgets
      • Custom HTML : Partners Content WIdgets
        Partner Portal

        Access to deal registration, MDF, sales and marketing tools, training and more

      • Partners Image Widgets
  • Support
    • Support
      • Support Portal
      • Knowledge Base
      • Technical Documentation
      • Community
      • Video Tutorials
      • Product Life Cycle Tables
      • Partner Enabled Services
      • Contact Support
    • Resources
      • Resource Center
      • Free Trials
      • Blog
      • SonicWall University
      • MySonicWall
    • Capture Labs
      • Capture Labs
      • Security Center
      • Security News
      • PSIRT
      • Application Catalog
    • Support Widget
      • Custom HTML : Support Content WIdgets
        Support Portal

        Find answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials

      • Support Image Widgets
  • COMPANY
    • Boundless Cybersecurity
    • Press Releases
    • News
    • Awards
    • Leadership
    • Press Kit
    • Careers
  • PROMOTIONS
    • Customer Loyalty Program
  • MANAGED SERVICES
    • Managed Security Services
    • Security as a Service
    • Professional Services
  • Contact Sales
  • Menu

How can I route some or all WAN traffic through a backup WAN?

06/08/2022 406 People found this article helpful 150,778 Views

    Download
    Print
    Share
    • LinkedIn
    • Twitter
    • Facebook
    • Email
    • Copy URL The link has been copied to clipboard

    Description

    This article explains how to route the Internet traffic for a specific IP or subnet to use the secondary WAN. 

    If you would like to configure WAN Failover, the article is: How to configure Failover when there are two or more WAN Interfaces?

    Static Routes are used to push traffic to the right gateway device/interface. When a SonicWall has two or more Internet Service Provider WAN Links, and you want to force only certain IP Addresses or types of traffic through one specific ISP, you must create a policy-based route to push that traffic as per requirement.

    Resolution

    Let's consider WAN X1 as the Primary and WAN X2 as the Secondary ISP. There is a new subnet on X3. The requirement is that all devices on the X3 subnet should use the secondary WAN X2. The same steps can be used if instead of a subnet, you only need a specific IP or group of IPs.

    Resolution for SonicOS 7.X

    This release includes significant user interface changes and many new features that are different from the SonicOS 6.5 and earlier firmware. The below resolution is for customers using SonicOS 7.X firmware.

    CAUTION: Remember when creating a Route that it will take effect immediately. Always make sure to have your Gateway and Interface set properly to avoid problematic routing. 

    1. Login to the SonicWall management GUI
    2.  Click Policy on the top bar, navigate to Rules and Policies and click Routing Rules
    3. Click Add to create a Static Route. In the pop-up window, there are several options available to you, all of which are important to understand.
      • The Source field refers to where the traffic will be coming from. In the below example we want to apply this Route to any traffic coming from X3 subnet. 

    Image


      • Now, if you only need a specific IP or group of IPs to use X2 WAN, then create an address group with all the IPs needed and use it as the Source

    Image

    Image   ---- Route with custom address group


      • The Service field refers to the type of traffic this Route should apply to. Selecting ANY would be the best option, unless you have a specific service/port that should be using the backup WAN
      • The Destination field refers to where the traffic is going. In the below example we select Any since we can't list all the destinations.
      • The Interface field is what Interface the Gateway we've chosen exists on. In this case, we're using our ISP on X2, so we choose X2.
      • The Gateway field is where the traffic will be sent to. In this instance, we have our Backup ISP on the X2 Interface and so we select the X2 Default Gateway.

        NOTE:  The Metric field refers to what weight this Route should have. The lower metric is a higher priority. In this example, we've chosen 10.

    Image

      • Click Add to save the settings
      • If you would like the Route to work/disable upon a successful probe, Probe-Enabled Policy Based Routing Configuration please refer to Enabling Probing on Static Routes

    Resolution for SonicOS 6.5

    This release includes significant user interface changes and many new features that are different from the SonicOS 6.2 and earlier firmware. The below resolution is for customers using SonicOS 6.5 firmware.

    CAUTION: Remember when creating a Route that it will take effect immediately. Always make sure to have your Gateway and Interface set properly to avoid problematic routing. 

    1. Login to the SonicWall management GUI.
    2.  Click MANAGE on the top bar, navigate to Network, and click Routing.
    3. Click Add to create a Static Route. In the pop-up window, there are several options available to you, all of which are important to understand.
      • The Source field refers to where the traffic will be coming from. In the below example we want to apply this Route to any traffic coming from X3 subnet, as per the requirement
      • The Destination field refers to where the traffic is going. In the below example we select Any since we can't list all the destinations.
      • The Service field refers to the type of traffic this Route should apply to. Selecting ANY would be the best option unless you have a specific service/port that should be using the backup WAN
      • The Gateway field is where the traffic will be sent to. In this instance, we have our Backup ISP on the X2 Interface and so we select the X2 Default Gateway.
      • The Interface field is what Interface the Gateway we've chosen exists on. In this case, we're using our ISP on X2, so we choose X2.

        NOTE:  The Metric field refers to what weight this Route should have. The lower metric is a higher priority. In this example, we've chosen 10.

     Image

      • Now, if you only need a specific IP or group of IPs to use X2 WAN, then create an address group with all the IPs needed and use it as the Source

    ImageImage


    If you would like the Route to work/disable upon a successful probe, Probe-Enabled Policy Based Routing Configuration please refer to Enabling Probing On Static Routes.

    Related Articles

    • Accessing resources across network using Point to Point link
    • Unable to access the junk summary URL using TCP port 10080
    • ICMP Redirect force to change the routing table

    Categories

    • Firewalls > NSa Series > Networking
    • Firewalls > NSv Series > Networking
    • Firewalls > TZ Series > Networking

    Not Finding Your Answers?

    ASK THE COMMUNITY

    Was This Article Helpful?

    YESNO

    Article Helpful Form

    Article Not Helpful Form

    Company
    • Careers
    • News
    • Leadership
    • Awards
    • Press Kit
    • Contact Us
    Popular resources
    • Communities
    • Blog
    • SonicWall Capture Labs

    Stay In Touch

    • By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. You can unsubscribe at any time from the Preference Center.
    • This field is for validation purposes and should be left unchanged.
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
    • Instagram

    © 2022 SonicWall. All Rights Reserved.

    • Legal
    • Privacy
    • English
      Scroll to top
      Trace:63d06900c8ef267d887744bb716d43f8-78