Filter
Top Products
IPv4 and IPv6 Internet and WAN Settings
39
ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308
Configure Load Balancing or Auto-Rollover
The VPN firewall can be configured on a mutually exclusive basis for either auto-rollover (for
increased system reliability) or load balancing (for maximum bandwidth efficiency). If you do
not select load balancing, you need to specify one WAN interface as the primary interface.
• Lo
ad balancing mode. The VPN firewall distributes the outbound traffic equally among
the WAN interfaces that are functional. You can configure up to four WAN interfaces. The
VPN firewall supports weighted load balancing and round-robin load balancing (see
Configure Load Balancing Mode and Op
tional Protocol Binding on page 39).
Note: Scenarios could arise in which load balancing needs to be bypassed
for certain traffic or applications. If certain traffic needs to travel on a
specific WAN interface, configure protocol binding rules for that
WAN interface. The rule should match the desired traffic.
• Primary WAN mode. The selected WAN interface is made the primary interface. The
other three interfaces are disabled.
• Auto-rollo
ver mode. The selected WAN interface is defined as the primary link, and
another interface needs to be defined as the rollover link. The remaining two interfaces
are disabled. As long as the primary link is up, all traffic is sent over the primary link.
When the primary link goes down, the rollover link is brought up to send the traffic. When
the primary link comes back up, traffic automatically rolls back to the original primary link.
If you want to use a redundant ISP link for backup purposes, select the WAN port that
sh
ould function as the primary link for this mode. Ensure that the backup WAN port has
also been configured and that you configure the WAN failure detection method on the
WAN Advanced Options screen to support auto-rollover (see Configure the Auto-Rollover
Mode and Failure Detection Method on
page 44).
Note: If the VPN firewall functions in IPv4 / IPv6 mode, you cannot
configure load balancing mode nor auto-rollover mode.
Configure Load Balancing Mode and Optional Protocol Binding
To use multiple ISP links simultaneously, configure load balancing. In load balancing mode,
any WAN port carries any outbound protocol unless protocol binding is configured.
When a protocol is bound to a particular WAN port, all outgoing traffic of that protocol is
directed to the bound WAN port. For example, if the HTTPS protocol is bound to the WAN1
port and the FTP protocol is bound to the WAN2 port, then the VPN firewall automatically
routes all outbound HTTPS traffic from the computers on the LAN through the WAN1 port. All
outbound FTP traffic is routed through the WAN2 port.