In the old days, only “important” traffic was using HTTPS, so setting an outbound policy with a Persistence rule for TCP / Port 443 made sense: the “important” traffic would stay on a single WAN, and other day-to-day traffic would be distributed across WANs.
These days, the vast majority of traffic is on HTTPS.
I’m finding that my HTTPS Persistence Outbound rule is causing many of my client machines to get “stuck” on a single WAN, which effectively reduces the ability to load balance incoming traffic.
I have two WANs:
- WAN 1 has 20mbps upload and 20mbps download (symmetrical fiber)
- WAN 2 has 20mbps upload and 400mbps download (cable modem)
My current Outbound Policy:
- HTTPS_Persistence (all TCP traffic on port 443)
- Default: Weighted balance 10:10
Can anyone suggest a better setup? Basically I’d like to make sure that WAN2 is used for big file downloads. Currently it’s almost never used; most traffic seems to be going in/out on WAN1.