A WAN port can connect a private network to Alibaba Cloud. This topic describes how to configure a WAN port for a Smart Access Gateway (SAG) device in the SAG console.

Features of a WAN port

  • SNAT

    After you enable SNAT, private source IP addresses are converted into public IP addresses that can access the Internet. By default, SNAT is disabled.

    In inline mode, you must enable SNAT for an SAG device to connect on-premises networks to the Internet. In one-arm mode, we recommend that you disable SNAT.

  • FAQ about custom DNS servers

    By default, the WAN port directly accesses Alibaba Cloud DNS servers. You can specify a custom DNS server for the WAN port.

  • Bandwidth throttling

    You can set bandwidth throttling for the WAN port. You can use quality of service (QoS) policies and bandwidth throttling to improve bandwidth utilization.

  • High-availability connections over WAN ports
    You can configure multiple WAN ports for an SAG device. The WAN ports can be used to establish high-availability connections, balance loads, and improve the network availability.
    • By default, port 5 of an SAG-1000 device serves as a WAN port. You can also specify other ports as WAN ports.
    • The number of WAN ports supported by an SAG-100WM device is based on the device type. Type 2 devices support multiple WAN ports. Type 1 devices support only one WAN port. The exterior of Type 1 and Type 2 devices is different.

    You can specify the priority, ISP, and weight properties to manage priorities of WAN ports. The priorities of the properties in descending order: priority>ISP>weight.

    Manage properties Description Scenarios
    Priority If you have configured multiple WAN ports for an SAG device, you can set a priority for each WAN port.

    The port that has the highest priority is used as the active port. Ports that have lower priorities are used as standby ports. An SAG device preferentially uses the active port to forward traffic. If the active port is not working as expected, standby ports automatically take over.

    • If the WAN ports are assigned different priorities, the SAG device can establish high-availability connections by using the active port and standby ports.
    • If the WAN ports are assigned the same priority, the SAG device can implement load balancing for the WAN ports based on the ISP and weight properties.
    ISP If the WAN ports are assigned the same priority, the SAG device matches data packets with Internet service provider (ISP) connections based on the destination IP addresses specified in the data packets. This implements load balancing.
    Weight If the ISP configurations of the WAN ports are the same or the SAG device cannot find ISPs that match the data packets, the SAG device implements load balancing based on the weights of the WAN ports.
    Note
    • You can specify an ISP for each WAN port only if the SAG instance is deployed in the mainland China area.
    • The WAN ports can be used to balance only the load of network traffic transmitted over public networks.

Configure a WAN port

  1. Log on to the SAG console.
  2. In the top navigation bar, select the region.
  3. On the Smart Access Gateway page, use one of the following methods to go to the Device Management tab.
    • Click the ID of the SAG instance. On the instance details page, click the Device Management tab.
    • Find the SAG instance and choose More > Device Management in the Actions column.
  4. On the Device Management tab, click the serial number of the SAG device that you want to manage if the SAG instance is associated with both an active device and a standby device.
  5. In the left-side navigation pane of the Device Management tab, click Manage WAN Ports.
  6. If you want to enable SNAT for a WAN port, click Edit in the SNAT Information section. In the Edit SNAT dialog box, enable SNAT and click OK.
  7. If you want to configure a custom DNS server for a WAN port, click Edit in the DNS information section. In the Modify DNS Settings dialog box, enter a custom DNS server address and click OK.
    DNS
  8. In the WAN-Wired section, find the WAN port and click Edit.
  9. In the dialog box that appears, set the following parameters and click OK.
    Parameter Description
    Connection Type Select a connection type for the WAN port.

    SAG devices support the following connection types:

    • Static IP: If the peer port of the WAN port is assigned a static IP address, select this type.
      If you select Static IP, you must set the following parameters:
      • IP: Enter the IP address of the WAN port.
      • Subnet Mask: Enter the subnet mask of the WAN port IP address.
      • Gateway: Enter the gateway IP address of the SAG device.
        Note
        • Make sure that the IP addresses of the WAN port and the peer port fall within the same CIDR block.
        • After you set Gateway, the SAG device generates a default route.
    • Dynamic IP: If the peer port uses Dynamic Host Configuration Protocol (DHCP) to assign IP addresses, select this type. The WAN port uses DHCP to obtain a dynamic IP address.
    • PPPoE: If the WAN port needs to access the Internet through dial-up connections, select this type.
      You must enter the username and password of the PPPoE account provided by the ISP.
      • Account: Enter the username of the PPPoE account.

        The username must be 6 to 30 characters in length, and can contain digits and letters.

      • Password: Enter the password of the PPPoE account.

        The password must be 6 to 30 characters in length, and can contain digits and letters.

    Priority Set a priority for the WAN port.

    Valid values: 1 to 50 and -1. Default value: 1. A smaller value represents a higher priority. A value of -1 indicates that the port is not used to forward network traffic.

    ISP Select an ISP for the WAN port.
    SAG devices support the following ISPs:
    • China Telecom
    • China Mobile
    • China Unicom
    • Other
    Bandwidth Set a bandwidth cap for the WAN port. Unit: Mbit/s.

    Before you set a bandwidth cap, take note of the following rules:

    • If you set a bandwidth cap for the WAN port, you cannot set WAN Upstream Bandwidth or Upstream Bandwidth of Cellular Port for the SAG device.
    • If you have configured multiple WAN ports for an SAG device and the WAN ports are assigned a QoS policy, the QoS policy is applied based on the following rules:
      • If the WAN ports are assigned different priorities, the QoS policy throttles network traffic based on the bandwidth of the active port.
      • If the WAN ports are assigned the same priority, the QoS policy throttles network traffic based on the lowest bandwidth cap value of the WAN ports.
    • If the bandwidth cap of the WAN port is set to 0 Mbit/s, it indicates that traffic forwarding on the WAN port is not throttled.
    Weight Set a weight for the WAN port.

    Valid values: 1 to 100. Default value: 100.

    The weight of each WAN port determines the amount of network traffic forwarded on each WAN port. For example, the weight of a WAN port is set to 50 and that of another is set to 100. The ratio of the weights of these two ports is 1:2. If the SAG devices receive three data packets, one packet is forwarded from the WAN port whose weight is 50 and two packets are forwarded from the WAN port whose weight is 100.

References