4. Disable reply-to setting should also disable built-in route-to

Disable reply-to setting should also disable built-in route-to

  • A

    For installations that do not use multi-wan load balancing the auto-generated reply-to and route-to options that are applied to the rule base are really not needed.  Why put them in?  They can just cause problems with installations that require static routes or a routing protocol to adjust traffic flow. This is especially true for installations that do not use NAT and still want firewalling but need to switch routes between interfaces.

    For multi-wan failover (not load balance)  I would want the states to stay alive and get routed through the new WAN (even connections from the firewall which are currently forced with a route-to even with disable reply-to option set).  The connections flowing through would still be valid for the new WAN.  Forcing connections to a specific WAN and ignoring routing just seems like it would be the exception for most setups to me.

    The same goes for gateway state killing.

    Could we have another setting for disable route-to?  Or maybe combine them into a settings that basically means always use the routing table?

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy