How can I route some or all WAN traffic through a backup WAN?

Description

This article explains how to route the Internet traffic for a specific IP or subnet to use the secondary WAN. 

If you would like to configure WAN Failover, the article is: How to configure Failover when there are two or more WAN Interfaces?

Static Routes are used to push traffic to the right gateway device/interface. When a SonicWall has two or more Internet Service Provider WAN Links, and you want to force only certain IP Addresses or types of traffic through one specific ISP, you must create a policy-based route to push that traffic as per requirement.

Let's consider WAN X1 as the Primary and WAN X2 as the Secondary ISP. There is a new subnet on X3. The requirement is that all devices on the X3 subnet should use the secondary WAN X2. The same steps can be used if instead of a subnet, you only need a specific IP or group of IPs.

Resolution for SonicOS 7.X

This release includes significant user interface changes and many new features that are different from the SonicOS 6.5 and earlier firmware. The below resolution is for customers using SonicOS 7.X firmware.

CAUTION: Remember when creating a Route that it will take effect immediately. Always make sure to have your Gateway and Interface set properly to avoid problematic routing. 

  1. Login to the SonicWall management GUI
  2.  Click Policy on the top bar, navigate to Rules and Policies and click Routing Rules
  3. Click Add to create a Static Route. In the pop-up window, there are several options available to you, all of which are important to understand.
    • The Source field refers to where the traffic will be coming from. In the below example we want to apply this Route to any traffic coming from X3 subnet

Image


    • Now, if you only need a specific IP or group of IPs to use X2 WAN, then create an address group with all the IPs needed and use it as the Source

Image

Image   ---- Route with custom address group


    • The Service field refers to the type of traffic this Route should apply to. Selecting ANY would be the best option, unless you have a specific service/port that should be using the backup WAN
    • The Destination field refers to where the traffic is going. In the below example we select Any since we can't list all the destinations.
    • The Interface field is what Interface the Gateway we've chosen exists on. In this case, we're using our ISP on X2, so we choose X2.
    • The Gateway field is where the traffic will be sent to. In this instance, we have our Backup ISP on the X2 Interface and so we select the X2 Default Gateway.

      NOTE:  The Metric field refers to what weight this Route should have. The lower metric is a higher priority. In this example, we've chosen 10.

Image

    • Click Add to save the settings
    • If you would like the Route to work/disable upon a successful probe, Probe-Enabled Policy Based Routing Configuration please refer to Enabling Probing on Static Routes

Resolution for SonicOS 6.5

This release includes significant user interface changes and many new features that are different from the SonicOS 6.2 and earlier firmware. The below resolution is for customers using SonicOS 6.5 firmware.

CAUTION: Remember when creating a Route that it will take effect immediately. Always make sure to have your Gateway and Interface set properly to avoid problematic routing. 

  1. Login to the SonicWall management GUI.
  2.  Click MANAGE on the top bar, navigate to Network, and click Routing.
  3. Click Add to create a Static Route. In the pop-up window, there are several options available to you, all of which are important to understand.
    • The Source field refers to where the traffic will be coming from. In the below example we want to apply this Route to any traffic coming from X3 subnet, as per the requirement
    • The Destination field refers to where the traffic is going. In the below example we select Any since we can't list all the destinations.
    • The Service field refers to the type of traffic this Route should apply to. Selecting ANY would be the best option unless you have a specific service/port that should be using the backup WAN
    • The Gateway field is where the traffic will be sent to. In this instance, we have our Backup ISP on the X2 Interface and so we select the X2 Default Gateway.
    • The Interface field is what Interface the Gateway we've chosen exists on. In this case, we're using our ISP on X2, so we choose X2.

      NOTE:  The Metric field refers to what weight this Route should have. The lower metric is a higher priority. In this example, we've chosen 10.

 Image

    • Now, if you only need a specific IP or group of IPs to use X2 WAN, then create an address group with all the IPs needed and use it as the Source

ImageImage


If you would like the Route to work/disable upon a successful probe, Probe-Enabled Policy Based Routing Configuration please refer to Enabling Probing On Static Routes.

Related Articles

  • SonicWall UTM throws an error : " Invalid Authentication " Error: SN and EPAID Do Not Match
    Read More
  • Using 31-Bit Prefixes on IPv4 Address Error: Index of the interface: Invalid IP Address
    Read More
  • How to block a website using CFS 4.0 CLI commands
    Read More
not finding your answers?
was this article helpful?