Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

HairPin NAT Sophos XG310 Configuration

Good morning everyone,

 

I am currently in troubble with my Sophos XG310 configuration.

 

The following issue exists:

 

Sophos XG310 Firmware 17.5.9

WAN 1 on Port 5 (Fibre direct primary WAN)

WAN 2 on Port 6 (Fibre solo secondary WAN)

All our WAN Traffic is going out via the WAN 1 Gateway (port 5).

At least we have 3 VLANs, which should use the WAN 2 Gateway (port 6) as default.
Guest VLAN, Customers VLAN und Lab VLAN

People or Devices in the VLAN "Customer" are calling the Domain "https://webmail.domain.tld".

This Domain resolves to an IPv4 address on the WAN1 Interface.

The XG310 redirects the Traffic from WAN 2 (port 6) to the internal IP of the NAT from the WAN 1.

The way should be:

Client (10.10.28.29/22) -> Accessing https://webmail.domain.tld -> External WAN IP of WAN 1 (87.44.XX.XXX) -> Sophos NAT to internal IP

 

Actually I configured it on this Way:

Firewall Rule which access the devices from the Guest-, Customer- and Lab VLAN to the internal IP Adress of the service.

How I can configure this ?



This thread was automatically locked due to age.