This allows you to set networking parameters for your gateway, including WAN1, WAN2 settings, Cellular connection, and DDNS. You can access this page through Configure > Gateway > Interface

Operation mode


In this mode, the EnGenius Gateway acts as a layer 3 routing gateway between WAN and LAN interfaces. Client outbound traffic to the Internet is source Network Address Translated (NATed) with the gateway’s WAN1/WAN2 IP address. As a layer 3 routing gateway, LAN-to-LAN traffic passing through the gateway can also be bridged or routed and can be controlled by outbound firewall rules as well.


In this mode, the EnGenius Security Gateway acts as a layer 2 bridge that does not perform any routing or network address translation for client outbound traffic for Internet access. This mode is usually used when you want to put the EnGenius Security Gateway between a customer's existing external NAT device and an internal L2/L3 switch. And you want to deploy EnGenius Security Gateway to provide firewall filtering and VPN services without changing the existing IP subnet address planning.


EnGenius Security Gateway can support dual WAN(WAN1/WAN2) configurations for dual WAN load balance and redundancy. Below are the WAN1 configuration settings. For the connection type, the Interface can be configured to DHCP to dynamically obtain an IP address or to static IP to manually configure the IP address or to use PPPoE to authenticate the gateway to an Internet Service Provider (ISP)

  • Name: the WAN Interface Name

  • DHCP: When you select DHCP, the gateway will automatically configure its IP address, subnet mask, and default gateway for the WAN interface.

  • PPPoE: Point-to-Point Protocol over Ethernet (PPPoE) is a specification used to authenticate a networking device to an Internet Service Provider (ISP). Selecting PPPoE will allow you to enter the following information:

  • Username: Enter the username associated with your ISP. This is a required field.

  • Password: Enter the password associated with your ISP. This is a required field.

  • DNS Server: you can choose the DNS server from ISP or use Google Public DNS ( or specify nameservers entered in the Primary DNS and Secondary DNS.

  • VLAN id: Enter the VLAN id from 1-4094.

  • ISP Bandwidth: you should check with your ISP (Internet Service Provider) for the actual Download/Upload bandwidth. The ISP Bandwidth is used in WAN link utilization and dual WAN outbound sessions load balance calculations.


EnGenius Security Gateway can support dual WAN(WAN1/WAN2) configurations for dual WAN load balance and redundancy. To deploy dual WAN configuration, you have to enter the following WAN2 settings. After WAN2 is enabled and settings configured here, the WAN2/P3 port will act as the WAN2 port.

Dual WAN Preference:

Primary WAN Interface: either WAN1 or WAN2 can be selected as the Primary WAN Interface in a dual WAN configuration deployment.

Load Policy:

  • Failover: When both WAN1 and WAN2 are up, only the Primary WAN is active for inbound and outbound services. If the Primary WAN is down, automatic WAN failover will occur then the other WAN will take over and become active for services. (PS: currently for inbound Client VPN and Site to Site VPN services, automatic WAN failover is not yet supported. When your Primary WAN is down, for the other WAN to take over Client VPN and Site to Site VPN services, you have to manually reconfigure the other WAN as the new Primary WAN.)

  • Load balance: For inbound services, the usage and restriction are the same as Failover. for the client's outbound Internet access traffic sessions, when both WAN1 and WAN2 are up, both WAN1 and WAN2 are used for outbound connections. The session load balance distribution algorithm is based on WRR(Weighted Round Robin) using WAN1/WAN2 upload bandwidth.

Cellular Connection

Cellular networks are high-speed, high-capacity voice and data communication networks with enhanced multimedia and seamless roaming capabilities for supporting cellular devices. With the increase in popularity of cellular devices, these networks are used for more than just entertainment and phone calls. They have become the primary means of communication for finance-sensitive business transactions, emergency services, etc. WAN connectivity options, such as cellular networks, now also serve as a reliable backup internet uplink in the event of a primary uplink failure. You can plug in the USB modern in the EnGenius Gateway and configure the following settings.

  • SIM PIN: Enter the Security Code on the SIM to prevent unauthorized use of the card.

  • Dial on Demand: Only connect when traffic is sent over the interface.

  • Idle timeout: If there is no traffic on the interface for the given minutes, the gateway will disconnect the link.


We offer the EnGenius Security Gateway that supports Dynamic DNS (DDNS) service by default. With this feature, users can have a hostname associated specifically with the ESG WAN interfaces. ESG uses Dynamic DNS (DDNS) to update a registered DNS hostname A record automatically each time its Primary WAN IP address changes. This feature is useful because it allows the administrator to configure applications such as client VPN to access the EnGenius Gateway by its hostname which is static instead of an IP address that may change over time. When the Primary WAN is down, EnGenius Security Gateway will use the public WAN IP of the other WAN for DDNS update.

Better to know

It's important to be aware that DDNS hostnames are associated with the specific network to which the ESG belongs. If the device is moved to a different organization or network, the DDNS hostname will change accordingly.

  • DDNS Enable: click the button to enable/disable the DDNS service.

  • DDNS Providers: Select your DDNS service provider from the pull-down menu, if your DDNS service provider is not in the list, please select Custom

  • Username: input your registered username

  • Password: input your registered password

  • Hostname: input your registered DDNS FQDN hostname

  • Enter other required information from your DDNS Service Provider

Last updated