Policies_Network_Routing(ENH)_Snwls
Configuring Routing in SonicOS Enhanced
If you have routers on your interfaces, you can configure the SonicWALL appliance to route network traffic to specific predefined destinations. Static routes must be defined if the network connected to an interface is segmented into subnets, either for size or practical considerations. For example, a subnet can be created to isolate a section of a company, such as finance, from network traffic on the rest of the LAN, DMZ, or WAN.
To add static routes, perform the following steps:
1. Expand the Network tree and click Routing. The Routing page displays.
3. Select the source address object from the Source list box.
4. Select the destination address object from the Destination list box.
5. Specify the type of service that will be routed from the Service list box.
6. Select the address object that will act as a gateway for packets matching these settings.
7. Select the interface through which these packets will be routed from the Interface list box.
8. Specify the RIP metric in the Metric field.
9. Type a descriptive comment into the Comment field.
10. For appliances running SonicOS Enhanced 4.0 and above, optionally select the Disable route when the interface is disconnected checkbox.
11. For appliances running SonicOS Enhanced 4.0 and above, select the Allow VPN path to take precedence checkbox to allow a matching VPN network to take precedence over the static route when the VPN tunnel is up.
12. For appliances running SonicOS Enhanced 6.1 and above, select the Permit TCP Acceleration checkbox to allow accelerated TCP traffic to pass through the SonicWall appliance.
13. Click the Probe drop-down menu and select a probe type.
14. Click the Disable route when probe succeeds checkbox.
15. Click the Probe default state is UP checkbox.
16. To configure the routing policy advanced settings, click the Advanced tab.
17. Enter the ToS hexadecimal value in the TOS text-field.
18. Enter the ToS Mask hexadecimal value in the TOS Mask text-field.
19. Enter a value for the Admin Distance, or select the Auto checkbox for an automatically created Admin Distance.
20. When you are finished, click Update. The route settings are configured for the selected SonicWALL appliance(s). To clear all screen settings and start over, click Reset.
Probe-Enabled Policy Based Routing Configuration
For appliances running SonicOS Enhanced 5.5 and above, you can optionally configure a Network Monitor policy for the route. When a Network Monitor policy is used, the static route is dynamically disabled or enabled, based on the state of the probe for the policy.
1. In the Probe pull-down menu select the appropriate Network Monitor object or select Create New Network Monitor object... to dynamically create a new object. For more information, see Configuring Network Monitor.
2. Typical configurations will not check the Disable route when probe succeeds checkbox, because typically administrators will want to disable a route when a probe to the route’s destination fails. This option is provided to give administrators added flexibility for defining routes and probes.
3. Select the Probe default state is UP to have the route consider the probe to be successful (i.e. in the “UP” state) when the attached Network Monitor policy is in the “UNKNOWN” state. This is useful to control the probe-based behavior when a unit of a High Availability pair transitions from “IDLE” to “ACTIVE,” because this transition sets all Network Monitor policy states to “UNKNOWN.”
4. Click Update to apply the configuration.