Firewall – Howto make SonicWall use a specific WAN interface based on IP


How would I force a set of people based on their IP to use a specific WAN port using a SonicWall FW? Also, how do I setup the second ISP to work on x2?

Using a SonicWall NSA240 Enhanced with 5.6
We want to force groupA to use ISP1 and groupB to use ISP2.
All of the "groups" use the same subnet. 192.168.0.x/24

Currently every one goes out ISP1 that has 5 static IP's. The new additional ISP has it's own static IP.

Best Answer

This can be done, but your users need to either be on differing subnets, or static IPs.

This is handled at the Routing Policy level. Create an Address Group for the subnets (or static IPs) you want routed by X2 instead of X1. Then go to the Routing tab. Create a new Routing Policy that states that anything from that one Address Group will egress through the X2 interface/IP. Set the Interface to X2.