Notes: The ability to route traffic to a VPN connection is only available on Firewalla Box v1.972.
What is Policy-based Routing?
In networking, network traffic is usually managed by the system's routing table; This routing table can either be static, or dynamic based on your network topology. Policy-Based Routing (PBR) is a technique used to make routing decisions based on policies set by you.
The traditional Policy Based Routing is based on the IP layer, and also the services the network is running. Firewalla Policy Based Routing is much more flexible, and also can be mapped to the destination category (gaming, video).
- Firewalla PBR is content-aware
- The PBR feature will only work if you have multiple WAN or VPN connection
- The PBR feature will be available on the Gold first
- Routing to VPN is supported for the Blue Plus
- You can specify any type of traffic and route them to your VPN servers, as long as the VPN is connected.
- If you have a dual-WAN setup, you can route any traffic to any WAN connection no matter the WANs are set to failover or load balancing.
- Routing all video traffic to a 3rd party VPN server (Available on App 1.45 + Box v1.972)
- Routing all traffic on PC to the standby WAN
- Running Zoom or Gaming from a low latency WAN interface
How to use it?
On Firewalla Box main page, tap on Routes -> Add Route, specify any type of traffic, matching a device/group/network, and route it to any VPN connection or WAN connection.
Following Targets are supported in Routes:
- Target List (Beta)
- IP Address
- IP Address Range
- Remote Port
- All Gaming Sites
- All Social Sites
- All Video Sites
When there is conflict:
The priority of different levels is device > group > network > global(All devices).
- When there is conflict, device/group rules will take precedence over Network rules.
- When there is conflict, Network rules will take precedence over Global rules.
VPN Example (Available on App 1.45 + Box v1.972):
Route all video traffic on your iPad to the ExpressVPN you set up before in the VPN Client feature
- Box main page -> Add Route
- Set a target -> All Video Sites
- Select a device -> iPad
- Select a interface -> VPN -> ExpressVPN
With this route, all the traffic to video sites will be routed to ExpressVPN when the VPN is connected.