
Planning a 4G Backup WAN Link with custom firewall rules

So, we have a 4G SimpliFi system hooked up as a Backup WAN Link. We've tested this, works GREAT! However, we've identified that in the event of a WAN failover to our backup link, we want to only deliver Internet access to those services we've deemed critical. So I know how to build firewall rules around the services we want to allow. But how do I create them so that our other rules do not take over and allow all traffic? We really only need like 5 Internet destinations to run our business when our main Internet fails. We want to prevent the rest so we don't get high data charges for things like automatic Microsoft Updates, streaming video/music, etc. How would you go about it?



This thread was automatically locked due to age.
  • Hi,

    In the rule you can specify primary/backup gateway.

    For your business-critical rules you can use the WAN link load balancing (or primary normal and secondary 4G) and for the others primary: normal, secondary: none

    Brgds

  • I'm under the impression that's not how those work. If I have a rule set up that exists in a higher priority than my default network rule, it will take precedence. Like so:

    Rule 1 (top)
    Traffic from LAN/Limited LAN Subnet to WAN/Limited WAN Locations
    Primary Gateway: Secondary Link

    Rule 2 (below)
    Traffic from LAN/Any to WAN/Any
    Primary Gateway: WAN Link Load Balance

    Will this rule not simply route all that limited WAN location destination traffic through that Secondary link since it's higher up in the priority?  Additionally, will this traffic fail because Secondary Link is Backup, only Active when Primary Link fails?
