Add a Static Route

A route is the sequence of devices through which network traffic must go to get from its source to its destination. A router is the device in a route that finds the subsequent network point through which to send the network traffic to its destination. Each router is connected to a minimum of two networks. A packet can go through a number of network points with routers before it gets to its destination. 

You can create static routes to send traffic to specific hosts or networks. The router can then send the traffic from the specified route to the correct destination. If you have a full network behind a router on your local network, add a network route. If you do not add a route to a remote network, all traffic to that network is sent to the XTM device default gateway.

Before you begin, you must understand the difference between a network route and a host route. A network route is a route to a full network behind a router located on your local network. Use a host route if there is only one host behind the router, or if you want traffic to go to only one host.

If you have configured a BOVPN virtual interface, you can also add and edit VPN routes for a BOVPN virtual interface in the static routes table.

Add an IPv4 Static Route

To add a static route:

  1. Select Network > Routes.
    The Routes page appears.
  2. Click Add.
    The Route dialog box appears.

Screen shot of the Add Route dialog box

  1. From the Route Type drop-down list, select Static Route.
  2. From the Destination Type drop-down list, select an option:
  3. In the Route To text box, type the host address or network address. If you type a network address, use slash notation.
    For more information about slash notation, see About Slash Notation.
  4. In the Gateway text box, type the IP address of the router.
    Make sure that you type an IP address that is on one of the same networks as the XTM device.
  5. In the Metric text box, type or select a metric value for the route. Routes with lower metrics have higher priority.
  6. Click OK to close the Route dialog box.
    The configured network route appears in the Routes page.
  7. Click Save to save the change to the configuration.

Add an IPv6 Static Route

When you add an IPv6 route, you can optionally specify which IPv6-enabled interface to use for the route. Specify an interface if you want to control which interface is used in the route. For example:

To add a static route:

  1. Select Network > Routes.

    The Routes page appears.
  2. Click Add.

    The Route dialog box appears.

  1. From the Route Type drop-down list, select Static Route.
  2. From the Destination Type drop-down list, select an option:
  3. In the Route To text box, type the host address or network address. If you type a network address, use slash notation.

    For more information about slash notation, see About Slash Notation.
  4. In the Gateway text box, type the IP address of the router.

    Make sure that you type an IP address that is on one of the same networks as the XTM device.
  5. In the Metric text box, type or select a metric value for the route. Routes with lower metrics have higher priority.
  6. If you want this route to use a specific interface, select the Specify interface check box. From the adjacent drop-down list, select an IPv6-enabled interface that can access the specified gateway.
  7. Click OK to close the Route dialog box.
    The configured network route appears in the Routes page.
  8. Click Save to save the change to the configuration.

Add a BOVPN Virtual Interface Route

If you have configured a BOVPN virtual interface, you can also add and edit BOVPN virtual interface routes here. This option is available only after you configure at least one BOVPN virtual interface. For more information, see Configure a BOVPN Virtual Interface.

IPv6 BOVPN virtual interface routes are 6in4 tunnel routes that use a GRE tunnel within the IPSec BOVPN tunnel. You can use an IPv6 BOVPN virtual interface route to send traffic between two IPv6 networks through an IPv4 BOVPN virtual interface tunnel. You cannot configure a BOVPN virtual interface route for traffic between an IPv4 network and an IPv6 network.

IPv6 BOVPN virtual interface routes are supported in Fireware XTM OS v11.9 and higher.

To add a BOVPN virtual interface route:

  1. Select Network > Routes.
    The Routes page appears.
  2. Click Add.
    The Route dialog box appears.

  1. From the Route Type drop-down list, select BOVPN Virtual Interface Route.
  2. From the Choose Type drop-down list, select an option:
  3. In the Route To text box, type the network address or host address. If you type a network address, use slash notation.

    For more information about slash notation, see About Slash Notation.
  4. In the Metric text box, type or select a metric value for the route. Routes with lower metrics have higher priority.
  5. From the Interface drop-down list, select the BOVPN virtual interface you want to use for this route.
  6. Click Save changes to close the Route dialog box.
    The configured network route appears in the Routes page.
  7. Click Save to save the change to the configuration.

The BOVPN virtual interface routes you configure here also appears in the VPN Routes tab in the BOVPN virtual interface configuration

If the XTM device is configured in drop-in mode, the route table on the XTM device might or might not immediately show the correct interface for a static route after you restart the device, or after you move the gateway associated with a static route to a different interface. The XTM device cannot update the route table with the correct interface for a static route until it receives network traffic through the gateway for that static route. The XTM device updates the internal route table on demand when traffic is received from the gateway.

See Also

About Routing

Give Us Feedback  •   Get Support  •   All Product Documentation  •   Knowledge Base