Configuring the WAN
Cisco ISA500 Series Integrated Security Appliances Administration Guide 132
NOTE: If you enable Policy-Based Routing, the policy-based routing settings will
take precedence over the load balancing settings. Traffic matching the
policy-based routing policies will be routed based on these settings. Traffic not
matching the policy-based routing policies will be routed based on the load
balancing settings.
STEP 3 Click Save to apply your settings.
Configuring Link Failover Detection
Use the Networking > WAN > WAN Redundancy > Link Failover Detection page to
detect the link failure. If a failure occurs, traffic for the unavailable link is diverted to
the active link.
STEP 1 Enter the following information:
• Failover Detection: Click On to enable the Link Failover Detection feature, or
click Off to disable it.
• Retry Count: Enter the number of retries. The security appliance repeatedly
tries to connect to the ISP after the link failure is detected. The default value
is 5.
• Retry Timeout: If the connection to the ISP is down, the security appliance
tries to connect to the ISP after a specified timeout. Enter the timeout, in
seconds, to re-connect to the ISP. The default value is 5 seconds.
• Ping Detection: Choose this option to detect the WAN failure by pinging the
IP address that you specify in the following fields:
- Default IP Gateways: Ping the IP address of default WAN gateway. If the
default WAN gateway can be detected, the network connection is active.
- Specify the IP Gateways: Ping the specified remote hosts. Enter the IP
addresses in the Primary IP Gateway and Secondary IP Gateway
fields. In Failover mode, if the primary WAN remote host can be detected,
the network connection is active. When using Dual WAN Settings, if the
remote hosts for both WAN ports can be detected, the WAN connection
is active.