Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Different rules per interface under WAN zone?

Hello Guys,

 

So we have 3 WAN interfaces connected to our Sophos.
These WANs are really different in their performance (download/upload speed) and even BW limitations.

*These are satellite links.

Anyway, i'm trying to set rules depending on the outgoing interface, but all i can do is "zone" which includes all of the 3.

I want for example - if only the "slow" WAN is available - i need to limit/block lots of things
On the other side, if the "fast" WAN is available - most of the traffic will be allowed.

But as it seems, i can choose "WAN" as outoging zone - so i cannot differentiate between each interface.

 

The only option for me is to use 3 separate zones, and avoid using the WAN zone? 

 

Thank you. 



This thread was automatically locked due to age.
Parents Reply
  • Sagi,

    on v18, you need to use SD-WAN and make sure that SD-WAN takes precedence than static routes. You can check the route precedence on XG console:

    system route_precedence show

    On v17, you can select the gateway you want from the firewall rule.

    If it does not work, please share the firewall rules.

    Regards

Children