Run the Conductor as an Airwall Relay

For small to moderate Airwall secure networks, it may make sense to run your Conductor as a relay, rather than having a separate Airwall Relay. Since Airwalls must all be able to reach the Conductor, using it as an Airwall Relay simplifies your deployment.

For cloud deployments, a Conductor relay also reduces costs because it requires fewer instances and saves an elastic IP.

Supported versions

v3.1.0 Conductor

v2.2 or later Airwall Gateways

Before you begin

To run your Conductor as a relay, you need:

  • Conductor license
  • Airwall Relay license
Important: If you use the Conductor as a relay on a busy overlay network, it may impact the performance of the overlay network. if you require more than 100 concurrent tunnels, you should consider deploying dedicated Airwall Gateways as relays.
Note: You can use the Conductor as a relay in addition to having dedicated Airwall Gateway relays.

Set up your Conductor as an Airwall Relay

  1. Go to Settings > General Settings.
  2. Under Orchestration Settings > Airwall-Airwall Conductor networking, select Edit Settings.
  3. Under Conductor HIP settings check Allow using this Conductor as an Airwall Relay.
    • Conductor version 3.2.3 and earlier: check Allow using this Conductor as an Airwall Relay.
    • Conductor version 3.3.0 and later: check Enable HIP on Conductor, then check Allow using this Conductor as an Airwall Relay.
  4. Select Save.
  5. On the Airwall Conductor Reboot page, select Reboot.
  6. Allow the Conductor to finish rebooting.
    You can now use the Conductor relay in an overlay and in relay rules. For more information, see Use a Conductor relay in an Overlay and Configure Airwall Relay rules
If you need to monitor relay sessions, see Monitor Relay Sessions.

Use a Conductor relay in an Overlay

Once you've configured the Conductor to allow it acting as a relay, you can use it in an overlay.

  1. Open or create an overlay where you want the Conductor to act as an Airwall Relay.
  2. On the overlay, set up device trust as desired.
  3. On right side Info tab, under Managed relay, toggle to Enabled.
  4. Check Use Conductor as an Airwall Relay.
  5. You can also select other relays if you have configured additional Airwall Gateways to be used as relays.