Add a gateway

Create a custom gateway and specify health checks to determine if the gateway is active.

Assign a zone to custom gateways if you want to route traffic based on the network host's zone. For example, you can route traffic to servers based on their zone.

Specify the health check settings to determine if the gateway is active. You can apply more than one monitoring condition for health checks.

  1. Go to Routing > Gateways, and click Add.
  2. Enter a name.
  3. Specify the gateway settings.

    Name

    Description

    Gateway IP

    Enter the IP address of the gateway.

    Interface

    Select the interface of the gateway.

    Zone

    Select the zone to assign to the gateway.

    The default gateway is set to the WAN zone. You can't change its zone.

    XG Firewall prioritizes the gateway zone over the interface zone.

  4. Specify the health check settings.
    OptionDescription

    Health check

    Turn it on to perform health checks for monitoring the gateway status.

    Interval

    Time interval between probes for the health check.

    Default: 60 seconds

    Time-out

    The gateway must respond within this time to be considered active.

    Default: 2 seconds

    Retries

    The number of consecutive attempts to probe the gateway's health. If the gateway doesn't respond to these attempts, XG Firewall considers the gateway unreachable.

    Default: 3

    Monitoring condition

    XG Firewall sends requests to host IP addresses behind the gateway. If the hosts respond to health check probes, XG Firewall considers the gateway active.

    Specify the following settings for monitoring the gateway:

    Protocol: Protocol for checking the gateway’s status.

    Port: For TCP protocol, specify the port number to use for health check probes.

    IP address: IP address of a host device behind the gateway.

    Specify a host that is always available. When hosts don't send a response, XG Firewall considers the gateway unreachable.

    Operator: To add more monitoring conditions, select one of the following operators, and click add Expand button:

    • AND: Probes are sent for all the specified conditions. XG Firewall determines that the gateway is active only when all the conditions are met.
    • OR: Probes are sent from the top down until a condition is met.