Omada Pro Logo official website Vigi Logo official website
Contact Us
United States / English
Store

How to configure Policy Routing on Omada Gateway

Knowledgebase
Configuration Guide
Online
BookmarksCopy Link
11-06-2024
23664

Contents

Introduction

Requirements

Configuration

Configuration in the Controller Mode

Configuration in the Standalone Mode

Verification

Conclusion

QA

Introduction

Policy routing allows users to customize rules for the router to forward the packets. Once policy routing is configured and enabled, the router will check the source, destination, and protocol of the network traffic first. When the traffic matches the user-defined policies, it will be forwarded according to the specific polices. In this way, policy routing provides great flexibility for networking.

Requirements

  • Omada Gateway series
  • Omada Network 6.0 and above

Configuration

We will go through how to configure policy routing in both Controller Mode and Standalone Mode through the following case.

A company has subscribed to broadband services from two different Internet Service Providers (ISPs):

  • ISP A: offers a stable connection with low latency but provides limited bandwidth (100 Mbps) at a higher cost.
  • ISP B: offers greater bandwidth (1000 Mbps) at a lower cost, but experiences occasional network instability.

The company's network administrator is going to route internal traffic to different external internet connections based on departmental functions. Department A (192.168.10.1/24), which handles more critical operations, requires stable and reliable internet access from ISP A, while Department B's routine operations (192.168.20.1/24) utilize the high bandwidth from ISP B.

Show the network topology of the case.

Configuration in the Controller Mode

Step 1. Go to Network Config > Profile > Groups, click Create New Group.

Show the entrance to create a new IP group.

Step 2. Create an IP Group for Department A.

Select the Type as IP Group and fill in the IP Subnet as 192.168.10.1/24 and click Apply to save the configuration.

Show an example to configure the new IP group for department A.

Step 3. Create another IP Group for Department B (192.168.20.1/24) in the same way.

Show the result of the IP Groups' creation.

Step 4. Go to Network Config > Transmission > Routing > Policy Routing, click Create New Routing.

Show the entrance to create policy routing rules.

Step 2. Create a new rule to route all the data from department A to ISP A (connected to port WAN2) only. Please see the picture below for details.

Show an example to configure the policy routing rule for department A.

Note: “Use the other WAN port if the current one is down” is usually enabled. When it is enabled, the gateway checks if the WAN port is online before routing traffic. If the WAN port were offline, data would go through the other WAN. While it is not enabled, if the specified WAN port is down, the rule always takes effect, no matter whether the selected WAN is online or offline, resulting in the client losing the network connection.

Step 3. Create another rule to route all the data from department B to ISP B (connected to port WAN/LAN3) only in the same way.

Show the result of the rules' creation.

Configuration in the Standalone Mode

Step 1. Go to Preference > IP Group > IP Address and click Add to set an IP range.

Show the entrance to set an IP range.

Step 2. Select the IP address Type as needed. Here we select it as IP Address/Mask and enter 192.168.10.1/24.

Show an example to configure an IP range for department A.

Step 3. Create another IP range for Department B (192.168.20.1/24) in the same way.

Show the result of the IP ranges’ creation.

Step 4. Go to IP Group and click Add to create a new IP group.

Show the entrance to create a new IP group.

Step 5. Set a Group Name for the new IP Group and select the Address Name as the IP range we just created for department A.

Show an example to create a new IP group for department A.

Step 6. Create another IP group for department A in the same way.

Show the configuration result of the IP groups.

Step 7. Go to Transmission > Routing > Policy Routing and click Add to create a new rule.

Show the entrance to create a new policy routing rule.

Step 8. Configure the new rule to route all the data from department A to ISP A (connected to port WAN2) only. Please see the picture below for details.

Show an example to configure the policy routing rule for department A.

Note: The mode is usually selected as ” Priority”. In Priority Mode, the rule depends on the online detection result. If any WAN port that you specify is online, the rule will take effect. If all the WAN ports that you specify are offline, the rule will not take effect. While in Only Mode, the rule always takes effect regardless of the WAN port status or online detection result, resulting in the client losing the network connection.

Step 9. Create another rule to route all the data from department B to ISP B (connected to port WAN/LAN3) only in the same way.

Show the result of the rules' creation.

Verification

Visit https://whatismyipaddress.com/ with computers in Department A and B, and verify that the displayed IP matches the expected WAN IP.

Show an example of verification.

Conclusion

We have now covered how to configure Policy Routing in both Controller Mode and Standalone Mode.

Get to know more details of each function and configuration please go to Download Center to download the manual of your product.

QA

Q1: Which WAN port will subnets without policy routing configured use to access the internet?

A1: For subnets without Policy Routing configured, the Omada Gateway will forward data based on other configured rules, such as Load Balance, and Static Routes.

Please Rate this Document

Related Documents

How to configure Virtual WAN on Omada Gateway

Configuration Guide
06-25-2025
12336

How to configure Policy Routing on Dual WAN Router using the new GUI

Configuration Guide
12-27-2023
9663

How to configure LDAP on Omada Gateway

Configuration Guide
VPN
11-06-2024
19996

How to configure OpenVPN on Omada Gateway via Omada Controller

Configuration Guide
VPN
10-29-2024
22700

How To Configure the WAN Mode on an Omada Gateway

Configuration Guide
07-01-2024
19510

SubscribeTP-Link takes your privacy seriously. For further details on TP-Link's privacy practices, see TP-Link's Privacy Policy.

Be The First To Get Exclusive Deals & News

Email Error

Let's Connect

About
Press
Buy Now
Partners
Learning Center
Tools
TP-Link Omada Omada Pro VIGI
United States / English

©2026 TP-Link Systems Inc. and its affiliated companies. All rights reserved.

TP-Link, Tapo, Kasa, Omada, VIGI, Aginet, HomeShield, and Tapo Care branded products are products of TP-Link Systems Inc. or its affiliates.
Note: Some services and materials may require you to accept additional terms and conditions before access or use.
References to "TP-Link" may include TP-Link Systems Inc., its subsidiaries, or business units within the TP-Link corporate structure, as applicable.
The materials provided, including but not limited to press releases, presentations, blog posts, and webcasts, are current as of the date of publication and may be superseded by subsequent updates.

As explained further in our website Privacy Policy, we allow certain advertising partners to collect information from our website through cookies and similar technologies to deliver ads which are more relevant to you, and assist us with advertising-related analytics (e.g., measuring ad performance, optimizing our ad campaigns). This may be considered "selling" or "sharing"/disclosure of personal data for "targeted advertising" as defined by certain U.S. state laws. To opt out of these activities, press "Opt Out" below. If the toggle below for "Targeted Advertising and 'Sale' Cookies" is to the left, you are already opted out and you can close these preferences.

Please note that your choice will apply only to your current device/browser. You must indicate your choice on each device and browser you use to access our website. If you clear your cookies or your browser is set to do so, you must opt out again.

Your Privacy Choices

As explained further in our website Privacy Policy, we allow certain advertising partners to collect information from our website through cookies and similar technologies to deliver ads which are more relevant to you, and assist us with advertising-related analytics (e.g., measuring ad performance, optimizing our ad campaigns). This may be considered "selling" or "sharing"/disclosure of personal data for "targeted advertising" as defined by certain U.S. state laws. To opt out of these activities, press "Opt Out" below. If the toggle below for "Targeted Advertising and 'Sale' Cookies" is to the left, you are already opted out and you can close these preferences.

Please note that your choice will apply only to your current device/browser. You must indicate your choice on each device and browser you use to access our website. If you clear your cookies or your browser is set to do so, you must opt out again.

Necessary Cookies

These cookies are necessary for the website to function and cannot be switched off.

TP-Link

SESSION, JSESSIONID, accepted_local_switcher, tp_privacy_banner, tp_privacy_base, tp_privacy_marketing, tp_top-banner, tp_popup-bottom, tp_popup-center, tp_popup-right-middle, tp_popup-right-bottom, tp_productCategoryType

Youtube

id, VISITOR_INFO1_LIVE, LOGIN_INFO, SIDCC, SAPISID, APISID, SSID, SID, YSC, __Secure-1PSID, __Secure-1PAPISID, __Secure-1PSIDCC, __Secure-3PSID, __Secure-3PAPISID, __Secure-3PSIDCC, 1P_JAR, AEC, NID, OTZ

Zendesk

OptanonConsent, __cf_bm, __cfruid, _cfuvid, _help_center_session, _pendo___sg__.<container-id>, _pendo_meta.<container-id>, _pendo_visitorId.<container-id>, _zendesk_authenticated, _zendesk_cookie, _zendesk_session, _zendesk_shared_session, ajs_anonymous_id, cf_clearance

Targeted Advertising and "Sale" Cookies

These cookies allow targeted ads or the "sale" of personal data (toggle to the left to opt out).

Analytics cookies enable us to analyze your activities on our and other websites in order to improve and adapt the functionality of our website and our ad campaigns.

Advertising cookies can be set through our website by our advertising partners in order to create a profile of your interests and to show you relevant advertisements on other websites.

Google Analytics & Google Tag Manager

_gid, _ga_<container-id>, _ga, _gat_gtag_<container-id>

Google Ads & DoubleClick

test_cookie, _gcl_au

Meta Pixel

_fbp

Crazy Egg

cebsp_, _ce.s, _ce.clock_data, _ce.clock_event, cebs

Linkedin

lidc, AnalyticsSyncHistory, UserMatchHistory, bcookie, li_sugr, ln_or

Reddit

_rdt_uuid

Welcome to Our Website! If you stay on our site, we and our third-party partners use cookies, pixels, and other tracking technologies to better understand how you use our site, provide and improve our services, and personalize your experience and ads based on your interests. Learn more in your privacy choices.