Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 38 subscribers
  • Views 12569 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Public IP Subnets and multiple wan ip addresses

LiviuCraciun

Hello!

I have a public ip subnet allocated by the internet provider on the main internet ip and also a secondary internet ip (that uses the same gateway as the main ip address)

I have 2 questions:
 - how can I configure the public ip subnet in the policies (without nat) so all the internet requests will be forwarded directly to the servers behind the firewall disregarding the port used?
- how can I specify that certain types of traffic must exit to the internet only on the wan secondary ip? (the secondary ip is defined as an alias on the wan port)



This thread was automatically locked due to age.
Parents
  • 0

    Hi Liviu,

    I am unable to understand your requirements.

     - how can I configure the public ip subnet in the policies (without nat) so all the internet requests will be forwarded directly to the servers behind the firewall disregarding the port used?

    Are you trying to map the internal requests directly on the Servers ? OR 

    Do you want to host your Server resources through the Public IP, in technical term "Virtual Host"?

    Next, how can I specify that certain types of traffic must exit to the internet only on the wan secondary ip? (the secondary ip is defined as an alias on the wan port.

    To achieve this you can simply create a Firewall Rule and create a MASQ to NAT traffic to WAN's secondary IP. PFA screenshot:

    Thanks

    Sachin Gurung

    Sachin Gurung
    Team Lead | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

Reply
  • 0

    Hi Liviu,

    I am unable to understand your requirements.

     - how can I configure the public ip subnet in the policies (without nat) so all the internet requests will be forwarded directly to the servers behind the firewall disregarding the port used?

    Are you trying to map the internal requests directly on the Servers ? OR 

    Do you want to host your Server resources through the Public IP, in technical term "Virtual Host"?

    Next, how can I specify that certain types of traffic must exit to the internet only on the wan secondary ip? (the secondary ip is defined as an alias on the wan port.

    To achieve this you can simply create a Firewall Rule and create a MASQ to NAT traffic to WAN's secondary IP. PFA screenshot:

    Thanks

    Sachin Gurung

    Sachin Gurung
    Team Lead | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

Children
No Data
Unfiltered HTML