Multi-WAN: Keep Your Connection Stable
Firewalla's Multi-WAN feature will help you manage up to two WAN connections to maximize network availability and bandwidth. Multi-WAN setups are great for:
- Backing up your primary Internet connection
- Adding more bandwidth to your network
Experiences inside a multi-WAN network are the same as in a single-WAN network – just a bit faster and more reliable.
How do I set up Multi-WAN?
Multi-WAN is only available in Router Mode.
If you have a Firewalla Gold, you can use one of your other ports as a new WAN interface or get a Wi-Fi SD and back up your home network with Wi-Fi. Here's how to set up a wired WAN:
And here's how to set up a wireless WAN using the Wi-Fi SD:
If you have a Firewalla Purple, you can tether to a Wi-Fi network or a mobile hotspot. The Purple allows a maximum of one Wi-Fi and one Ethernet WAN connection.
If you have a Firewalla Purple SE, you can use the Firewalla WiFi-SD to create a WiFi-WAN for failover.
Once you've decided what kind of WAN you want to add, create a new WAN connection:
- Tap on Network Manager
- Tap on Edit -> Create Network
- Select WAN Connection
- Tap the Ethernet Port or the Wi-Fi interface you'd like to create the WAN connection on, then save your configuration.
Failover vs Load-Balancing Setups
After you create a secondary WAN, you can configure how multiple connections handle Internet traffic under Multi-WAN Setting. There are two modes:
Failover, where you can use a standby network to take over when the active connection fails. Only one WAN will be active at any time.
- Load Balance, which distributes network traffic across multiple networks. Both WANs will be active at all times.
Customizing your Multi-WAN Setup with Routes
If you want to ensure a certain type of traffic goes over only one of your WAN connections, you can create a route for it.
For example, you may experience issues with Wi-Fi calling because traffic is split between your WANs and incoming packets are coming over a different WAN from the corresponding outgoing packets. The solution is to create a Preferred Route to send the required ports and domains for Wi-Fi calling over one WAN. For example, for Verizon you can create routes for:
- Ports: 500,4500
- Domain: wo.vzwwo.com
This way, all Wi-Fi calling traffic will go over the specified WAN as long as the WAN is available. If not, traffic will fail over to the alternate WAN.
WAN Connectivity Testing
WAN Connectivity tests determine which WAN is available, triggering failover and fallback actions if necessary. There are two types of tests available for each WAN connection:
- Ping Tests ping each test target several times. If the success rate is lower than the Success Rate Threshold, the WAN fails the test.
- DNS Tests attempt to resolve the target domain you set.
If one of the tests fails, the WAN connection will be considered lost.
This newsletter is a shortened version of our article explaining Multi-WAN setups with Firewalla. For more details about this feature, read our full article: Firewalla Feature Guide: Multi-WAN.
This is part of our Firewalla Weekly Newsletter. You can sign up here https://firewalla.com/weekly.