This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Disable Uplink Balancing / Multipath Rules Issue

Hello,

I have automatically enabled uplink balancing in my Sophos. I use multi path rules to be able to change internet traffic to External WAN Interface or to route traffic over VPN Connection Interface. (VPN Router is in DMZ)

 

Example Multipath Rule:

MAC    Any    Internet IPv4 
  External (WAN) 

switching Rule On:

MAC    Any    Internet IPv4 
  VPN Network 

 

I tried now to disable Uplink balancing, but this set my defined multi path rules by bind interface to undefined.

When Uplink balancing is disabled, I also have the issue that I cannot choose anymore between the VPN Interface and External WAN Interface.

Can someone please help me how can I disable Uplink Balancing, but still be able to route traffic via Interface?

 

Thx



This thread was automatically locked due to age.
Parents
  • Why do you want to disable Uplink Balancing?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hello Bob,

    while I would like to define by myself over which interface I send my traffic

    Best regards

    Sally

  • Show us pictures of the Edits of your Multipath rules and tell us more about what traffic should go where.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hello Bob,

    here are 2 rules as example. first rule is Mac via external (WAN) on Top, and later Rule is Internal LAN via DMZ VPN. With this I can activate the Mac rule, 

    so just for the Mac, the traffic goes to External (WAN) Interface. When I toggle of the Mac Rule, the traffic is routed  as in Rule 6 Internal LAN via the DMZ VPN Interface.

     

    Best regards

    Sally

  • Those look correct , although you might want "Any" instead of "Internal (Network)" in the 'Source' field.  I would leave Uplink Balancing active.

    You also might want to make a separate Web Filtering Profile that applies only to the "MAC" object.

    I still don't understand what you're trying to fix.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Thanks Bob, you mean Any at the Bottom of the Multipath Rules, so I can add before more specific device rules like for example TV – Netflix – External (WAN) etc?

     

    I have 2 Webfilter Profiles Standard Proxy Mode and Default Profile Transparent as Fallback.

     

    Im trying the following, hope it made sense :)

     

    Under Interfaces DMZ VPN I had to add the VPN Routers IP as Gateway, that the Router establish the VPN Connection. As the DMZ Interface should not have defined a Gateway, for security purposes, how can I remove the Gateway, but still be able that the router connects to the VPN?

      

    Under External (WAN) I have the Provider Modem Connected, Dynamic IP / and Default Gateway, that’s why the Uplink Balancing automatically turn on when having 2 Gateways defined.

     

    How can I set Uplink Balancing, just to use the DMZ VPN, and if the connection fails, no Internet Connection should be established, or manually define which traffic go to External (WAN) Interface or to DMZ VPN Interface?

    Thx

Reply
  • Thanks Bob, you mean Any at the Bottom of the Multipath Rules, so I can add before more specific device rules like for example TV – Netflix – External (WAN) etc?

     

    I have 2 Webfilter Profiles Standard Proxy Mode and Default Profile Transparent as Fallback.

     

    Im trying the following, hope it made sense :)

     

    Under Interfaces DMZ VPN I had to add the VPN Routers IP as Gateway, that the Router establish the VPN Connection. As the DMZ Interface should not have defined a Gateway, for security purposes, how can I remove the Gateway, but still be able that the router connects to the VPN?

      

    Under External (WAN) I have the Provider Modem Connected, Dynamic IP / and Default Gateway, that’s why the Uplink Balancing automatically turn on when having 2 Gateways defined.

     

    How can I set Uplink Balancing, just to use the DMZ VPN, and if the connection fails, no Internet Connection should be established, or manually define which traffic go to External (WAN) Interface or to DMZ VPN Interface?

    Thx

Children