Contents

Configuration Examples for Control of Firebox-Generated Traffic

In Fireware v12.2 or higher, you can configure policies to control traffic generated by the Firebox. This kind of traffic is also known as self-generated traffic or self-originated traffic.

For example, you can:

  • Control which multi-WAN interface is used for WatchGuard subscription services traffic
  • Control which multi-WAN interface is used for queries from the Firebox to the WebBlocker cloud
  • Send subscription services traffic over a WAN interface instead of a zero-route (0.0.0.0) BOVPN tunnel
  • Send subscription services traffic over a WAN interface instead of a zero-route (0.0.0.0) BOVPN virtual interface tunnel
  • Send SSL management traffic over a WAN interface instead of a zero-route BOVPN or BOVPN virtual interface

For a list of servers that WatchGuard products and subscription services connect to, see the Blocked Sites Exceptions list in About Blocked Sites.

Before you can create policies that apply to Firebox-generated traffic, you must first enable the Enable configuration of policies for traffic generated by the Firebox global setting. If you do not enable this global setting, any policies you create for Firebox-generated traffic do not take effect. For more information about this global setting, see Define Firebox Global Settings.

Configuration Examples

See Also

About Policies for Firebox-Generated Traffic

Configure Policies for Firebox-Generated Traffic

Define Firebox Global Settings

Give Us Feedback  ●   Get Support  ●   All Product Documentation  ●   Technical Search