From Wiki of WFilter NG Firewall
Jump to: navigation, search


1 Muti-WAN

Muti-WAN enables you to set load balancing and advanced routing when you have multiple WAN interfaces. This module has no use if you only have one WAN interface.

2 Solution

You need to define line solutions at first. For example:

  • "WAN1 Only": set WAN1 as a dedicated line for business servers only.
  • "WAN2 & WAN3 Balanced": for office users to share these two lines.
  • "WAN3 Only": traffic to certain websites will be in this line.

You can add multiple line solutions, for each solution, you need to define the load balancing rank for every interface.

Ros mwan 001.png

3 Policy

A solution won't work without policy. Policy is the rule to define which traffic picks which solution. Settings:

  • Source: source ip address or ip range. You can define IP as "Any", "Single IP" or "IP Range".
    • For "Single IP", a single ip or subnet is allowed(for example: or
    • For "IP Range", you need to input an ip range.
  • Target, target ip or domain
    • For "Single IP" and "IP Range", the synax is the same as "Source".
    • For "Customize", you can select traffic by "application type", "web categories", "countries and regions" or "custom IP or domains".
  • Ports: target ports to be applied.

Ros mwan 002.png

Ros mwan 002 2.png

Please notice: Rules are always processed from the top of a list down, first match wins. You may drag the re-order icon to re-order rules.

Ros mwan 003.png

4 WAN Failover

"WAN Failover" feature detects line availability, in case one line fails, interface load will be re-balanced.

  • "WAN Failover" is disabled by default.
  • If "reconnect" is enabled, WAN interfaces will be automatically restarted on failure.
  • For "static ip" WAN interface, NGF will automatically ping WAN gateway to check.
  • Use IP addresses for connection testing is recommended.

Ros mwan 004.png


Personal tools