Skip to content

Add a unicast route

You can configure the firewall to forward IPv4 and IPv6 unicast traffic.

Add a route

To add a unicast route, do as follows.

  1. Go to Routing > Static routing.
  2. Under IPv4 unicast route, click Add.

  3. Specify the destination IP address and subnet. You can enter an IP or network address.

  4. Under Gateway, enter the IP address of the next hop or gateway router to route packets to the destination IP address.
  5. Under Interface, select the interface through which traffic must exit.

    The firewall first matches the interface, then the gateway that can reach the destination.

    Note

    ARP requests are sent to identify the interface over which the destination IP address behind the peer RED is reachable. To make sure these requests reach the destination network, don't select an interface. Under Gateway, enter the IP address of the peer RED interface.

  6. Under Administrative distance, enter a number. It determines the best route among the different routing protocols. Lower numbers carry higher priority.

    For example, the firewall tries to send traffic over a route with a distance of 1 rather than 5.

  7. Under Metric, enter a number. It determines the best route among static routes.

    Note

    If you configure a static route for a RED site-to-site tunnel, you can't select an interface. Instead, you must specify the IP address of the peer RED site-to-site tunnel.

  8. Click Save.

  1. Go to Routing > Static routing.
  2. Under IPv6 unicast route, click Add.
  3. Enter the destination IP address and prefix. You can enter an IP or network address.
  4. Under Gateway, enter the IP address of the next hop or gateway router to route packets to the destination IP address.
  5. Under Interface, select the interface through which traffic must exit. The firewall first checks the interface and then the gateway.

    Note

    ARP requests are sent to identify the interface over which the destination IP address behind the peer RED is reachable. To make sure these requests reach the destination network, don't select an interface. Under Gateway, enter the IP address of the peer RED interface.

  6. Under Metric, enter a number. It determines the best route among static routes.

Useful information

  • If an interface or tunnel restarts, the route table only shows interface routes, that is, static routes for which you selected an interface.
  • Gateway routes appear when the firewall matches traffic with the destination address and gateway, then selects an interface to route it through.