We'd love to hear about it! Click here to go to the product suggestion community
Kindly i need any assist with the below issue as it doesn't work on sophos xg 17.5.5 .
I have 2 different sources and 2 different wan gateways on the internet each one of the sources need to access specific websites (controlled through web filter ) through Gateway 1 "primary"and other websites through Gateway 2 "secondary"
- Issue when try to apply that on the network rule and masq the sources with the ip of the primary gateway it doesn't work.and same for the secondary gateway.
Appreciate your help
please post a copy of the rules.
In reply to rfcat_vk:
Here we go the most important part that i can fetch as the above is just the source from lan zone to wan any destination host and web filter profile applied
there's a wan load balancing between the 2 different gateways and i need to differentiate between both of them as above
In reply to Manar10:
Thank you, but that wasn't part I was after.
If you want to use different gateways you need to put the gateway in the firewall rule, you need to identify which destination as well.
That definitely happened while creating any rule on sophos ,but it's not on working on XG.
Is there any suggestion
I don't fully understand what you are saying, but it does imply you have a configuration error.
Please post the offending firewall rules.
let me explain again i have 2 routers apply on them load balancing
Zone : Lan Source : host 192.168.1.0/24
Zone : Wan Destination : Any host
webpolicy : "profile applied to specific URLs"
As per the screenshot i need to select "instead of wan link load balancing" for the gateway the 1st one and masq the traffic with it.
Same happened on the second rule for the 2nd gateway
hope that's clear enough to mention what i need
You should get a drop menu showing you both gateways, the default is load balance even if you only have one gateway.
XG acts as First Match Firewall.
The First matching Rule will always match and the stick on this rule.
Selector is Source IP, Destination IP and Service.
If you have a Rule LAN to WAN Service ANY on Top, this will match for Traffic coming from LAN going to WAN. All LAN to WAN Rules will not Match above this rule.
And in this rule you can specify, which Gateway should be used.
If you use MASQ on Interface, XG will SNAT all traffic on the correct interface.
For more information: https://community.sophos.com/kb/en-us/123530
In reply to LuCar Toni:
i understand that and there's no rule above to match for any services from Lan to wan zones
Are you talking about numerical order or place order?
And can you describe your exact issue with Logs or Dumps?