Support User Manuals

SonicWALL 5.8.1 Microscope & Magnifier User Manual

Open as PDF

of 1490

Network > Routing

331

SonicOS 5.8.1 Administrator Guide

Network > WAN Failover & LB page. For this example, choose Per Connection Round-

Robin as the load balancing method in the Network > WAN Failover & LB page. Click Accept

to save your changes on the Network > WAN Failover & LB page.

Step 1 Click the Add button under the Route Policies table. The Add Route Policy window is

displayed.

Step 2 Create a routing policy that directs all LAN Subnet sources to Any destinations for HTTP

service out of the X1 Default Gateway via the X1 interface by selecting these settings from the

Source, Destination, Service, Gateway and Interface menus respectively. Use the default 1

in the Metric field and enter force http out primary into the Comment field. Click OK.

Step 3 Create a second routing policy that directs all LAN Subnet sources to Any destinations for

Telnet service out of the X3 Default Gateway via the X3 interface by selecting these settings

from the Source, Destination, Service, Gateway and Interface menus respectively. Use the

default 1 in the Metric field and enter force telnet out backup into the Comment field. Click

OK.

Note Do not enable the Allow VPN path to take precedence option for these routing policies.

The Allow VPN path to take precedence option gives precedence over the route to VPN

traffic to the same destination address object. This option is used for configuring static

routes as backups to VPN tunnels. See the “Static Route Configuration” section on page 329

for more information.

These two policy-based routes force all sources from the LAN subnet to always go out the

primary WAN when using any HTTP-based application, and forces all sources from the LAN

subnet to always go out the backup WAN when using any Telnet-based application.

To test the HTTP policy-based route, from a computer attached to the LAN interface, access

the public Web site http://www.whatismyip.com and http://whatismyip.everdot.org. Both sites

display the primary WAN interface’s IP address and not the secondary WAN interface.

To test the Telnet policy-based route, telnet to route-server.exodus.net and when logged in,

issue the who command. It displays the IP address (or resolved FQDN) of the WAN IP address

of the secondary WAN interface and not the primary WAN interface.

previous next