Gateway details
Gateway detail
Specify general details about the gateway, including type and weight.
- IP address
- IP address of the gateway.
- Interface
- IP address of the interface.
- Type
- The method by which traffic is routed through the gateway. Choose Active to route traffic through the gateway. If you configure more than one active gateway, the traffic will be load balanced among the gateways according to the assigned weight. Choose Backup to route traffic through the gateway only when the active gateway is down.
- Weight
- Priority of the gateway to be used for allocating traffic. This value determines how much traffic will pass through the link in relation to the other available links.
- Default NAT policy
- NAT policy to use by default.
Backup gateway details
Specify how the gateway is to be activated and how to assign weight to it.
- Activate this gateway
- The method by which the gateway is activated. Choose If any/all active gateway fails to activate this gateway automatically if any or all of the active gateways fail. Choose Manually to require manual activation.
- Action on activation
- The method by which the firewall assigns weight to the gateway. Choose Inherit weight of the failed active gateway to use the weight of the failed active gateway to load balance the traffic among gateways. Choose Use configured weight to use the configured weight of the gateway.
- Action on failback
- The method by which the firewall takes action when the primary gateway is
restored. Choose Serve new connections through restored gateway to route new connections through the primary gateway. It
continues to route existing connections through the backup gateway until
these are disconnected or timed out.
Choose Serve all connections through restored gateway to re-establish existing connections and route all traffic through the primary gateway. It re-establishes connections for which you’ve specified the backup gateway (in firewall rule or policy route), and continues to route them through the backup gateway, but not the primary gateway.
Failover rules
Specify the criteria to use to determine when to reroute traffic to another gateway. By default, the firewall uses ping to test the link. You can modify the default criteria and add criteria. Additional criteria are evaluated using AND.
- To change the criteria, click Edit and specify a testing method, port, and IP address.
- To add criteria, click Add and specify a testing method, port, and IP address.