Add Multi-Link routes

You can add a Multi-Link route for a Firewall or Virtual Firewall.

Note: A Network element represents the IP addresses of a network or a subnetwork to which the router or the NetLink forwards the traffic, or the IP addresses of a network that is reachable through a route-based VPN tunnel.
Note: The network interfaces for the NetLinks must have a node dedicated IP address (NDI) defined for all nodes in clusters. Otherwise, the IP address of the interface marked as the default IP address for outgoing connections is used, which can lead to incorrect load balancing.
CAUTION:
If you use Multi-Link with IGMP proxy multicast routing, make sure that you do not create routing loops. If you add a NetLink to the upstream interface, do not add a NetLink to any downstream interface.

  For more details about the product and how to configure features, click Help or press F1.

Steps

  1. Right-click an NGFW Engine, then select Edit <element type>.
  2. Browse to Routing.
  3. In the routing tree, browse to the NetLink through which you want to route traffic.
  4. Add the element that contains the IP addresses that are routed through this interface:
    • To add a default route, right-click the NetLink element, then select Set As Default Route.

      This inserts the default element Any Network under the NetLink in the routing tree.

    • To add a route using a Host or Network element, right-click the NetLink element, select Add, then select the element.
  5. Click Save and Install.
    If you are configuring routing for Master NGFW Engines, install or refresh the policy on the Master NGFW Engine and the Virtual NGFW Engines to transfer the changed configuration.