Add a gateway

Create a custom gateway and specify health checks to determine if the gateway is active.

Assign a zone to custom gateways if you want to route traffic based on the network host's zone. For example, you can route traffic to servers based on their zone.

Specify the health check settings to determine if the gateway is active. You can apply more than one monitoring condition for health checks.

  1. Go to Routing > Gateways, and click Add.
  2. Enter a name.
  3. Specify the gateway settings.



    Gateway IP

    Enter the IP address of the gateway.


    Select the interface of the gateway.


    Select the zone to assign to the gateway.

    The default gateway is set to the WAN zone. You can't change its zone.

    XG Firewall prioritizes the gateway zone over the interface zone.

  4. Specify the health check settings.

    Health check

    Turn it on to perform health checks for monitoring the gateway status.


    Time interval between probes for the health check.

    Default: 60 seconds


    The gateway must respond within this time to be considered active.

    Default: 2 seconds


    The number of consecutive attempts to probe the gateway's health. If the gateway doesn't respond to these attempts, XG Firewall considers the gateway unreachable.

    Default: 3

    Monitoring condition

    XG Firewall sends requests to host IP addresses behind the gateway. If the hosts respond to health check probes, XG Firewall considers the gateway active.

    Specify the following settings for monitoring the gateway:

    Protocol: Protocol for checking the gateway’s status.

    Port: For TCP protocol, specify the port number to use for health check probes.

    IP address: IP address of a host device behind the gateway.

    Specify a host that is always available. When hosts don't send a response, XG Firewall considers the gateway unreachable.

    Operator: To add more monitoring conditions, select one of the following operators, and click add Expand button:

    • AND: Probes are sent for all the specified conditions. XG Firewall determines that the gateway is active only when all the conditions are met.
    • OR: Probes are sent from the top down until a condition is met.