Advanced Multi-WAN Settings
In the Multi-WAN Advanced Settings, you can configure sticky connections, failback, and notification of multi-WAN events. Not all configuration options are available for all multi-WAN configuration options. If a setting does not apply to the multi-WAN configuration option you selected, that field is not active.
Advanced Multi-WAN settings include:
Sticky Connections
A sticky connection is a connection that continues to use the same WAN interface for a defined period of time. You can set sticky connection parameters only with the Round-Robin or Interface Overflow multi-WAN methods. Sticky connections make sure that, if a packet goes out through an external interface, any future packets between the source and destination address pair use the same external interface for a specified period of time. By default, sticky connections use the same interface for 3 minutes.
You cannot use sticky connection options when:
- You use the Failover or Routing Table multi-WAN methods.
- You enable SD-WAN for a policy.
If a policy definition contains a sticky connection setting, this setting can override any global sticky connection duration. For more information, go to Set the Sticky Connection Duration for a Policy.
Failback Action
You can set the action you want the Firebox to take when a failover event has occurred and then the primary external interface becomes active again. When this occurs, all new connections immediately fail back to the primary external interface. However, you can select the method you want to use for connections that are in process at the time of failback. This failback setting also applies to any policy-based routing configuration you set to use failover external interfaces.
Notification Settings
Log messages are always created for multi-WAN failover events. You can set the notification method. For more information about notification methods, go to Set Logging and Notification Preferences.
- Select Network > Multi-WAN.
- Select the Advanced tab.
- In the Sticky Connection Duration section, specify the sticky connection time for TCP, UDP, and other protocols.
- In the Failback for Active Connections drop-down list, select an option:
- Immediate Failback — Select this option if you want the Firebox to immediately stop all existing connections.
- Gradual Failback — Select this option if you want the Firebox to continue to use the failover interface for existing connections until each connection is complete.
- In the Notification Settings section, select the notification method. For more information about notification settings, go to Set Logging and Notification Preferences.
- Select Network > Configuration.
- Select the Multi-WAN tab.
In Fireware v12.2.1 or lower, you must next select the Advanced tab.
- In the Sticky Connection section, specify the sticky connection time for TCP, UDP, and other protocols.
- In the Failback for Active Connections drop-down list, select an option:
- Immediate Failback — Select this option if you want the Firebox to immediately stop all existing connections.
- Gradual Failback — Select this option if you want the Firebox to continue to use the failover interface for existing connections until each connection is complete.
- To configure notification settings for multi-WAN failover and failback events, click Notification. For more information about notification settings, go to Set Logging and Notification Preferences.