For custom connection options, you can configure failover and load balancing policies. You can configure up to 7 alternatives to the default translated source IP policy.
Step 1. Create a Custom Connection Object
Create a custom connection object using one of the following Translated Source IP polices:
- Original Source IP
- Dynamic NAT
- Network Interface
- Explicit IP
For more information, see How to Create a Custom Connection Object.
2. Configure Failover and Load Balancing Settings
In the Failover and Load Balancing section of the custom connection object you created in step 1 you can configure the policy and the alternative translated source IPs.
Failover
From the Policy list select Failover.
Click + to add alternative connections to the Alternatives list.
For each entry click on the edit symbol in the Type column and select how the translated source IP is determined:
- Explicit IP – Enter the new source IP address in the Value column.
- Network Interface – Enter the network interface in the Value column.
- Original Source IP
- Dynamic NAT
- Click OK.
- Click Send Changes and Activate.
Weighted Round Robin
From the Policy list select Weighted Round Robin.
Click + to add alternative connections to the Alternatives list.
Explicit IP – Enter the new source IP address in the Value column.
Network Interface – Enter the network interface in the Value column.
Original Source IP
Dynamic NAT
- (optional) In the NAT Settings enter the Weight.
- (optional) In the Alternatives list enter the Weight for each alternative connection.
- Click OK .
- Click Send Changes and Activate.
Weighted Random
From the Policy list select Weighted Random.
Click + to add alternative connections to the Alternatives list.
Explicit IP – Enter the new source IP address in the Value column.
Network Interface – Enter the network interface in the Value column.
Original Source IP
Dynamic NAT
- (optional) In the NAT Settings enter the Weight.
- (optional) In the Alternatives list enter the Weight for each alternative connection.
- Click OK.
- Click Send Changes and Activate.
Source IP Hash
From the Policy list select Source IP Hash.
Click + to add alternative connections to the Alternatives list.
Explicit IP – Enter the new source IP address in the Value column.
Network Interface – Enter the network interface in the Value column.
Original Source IP
Dynamic NAT
- (optional) In the NAT Settings enter the Weight.
- (optional) In the Alternatives list enter the Weight for each alternative connection.
- Click OK.
- Click Send Changes and Activate.
Provider Optimization
Provider Optimization selects the optimal TCP connection by determining the provider with the fastest response time to TCP probing packets sent by the firewall. The option requires you to specify at least two connections to rival, e.g., an interface, a dynamic IP, an explicit IP.
This option needs to activate Feature Level 8.0.
- From the Policy list, select Provider Optimization.
- Click + to add connections for probing to the Alternatives list.
Explicit IP – Enter the new source IP address in the Value column.
Network Interface – Enter the network interface in the Value column.
Original Source IP
Dynamic NAT
- (optional) In the NAT Settings, enter the Weight.
- (optional) In the Alternatives list, enter the Weight for each alternative connection.
Next Steps
Create a Pass, Dst NAT or Broad-Multicast access rule and select the connection object as the Connection Method.
For more information, see Access Rules.