Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Different rules per interface under WAN zone?

Hello Guys,

 

So we have 3 WAN interfaces connected to our Sophos.
These WANs are really different in their performance (download/upload speed) and even BW limitations.

*These are satellite links.

Anyway, i'm trying to set rules depending on the outgoing interface, but all i can do is "zone" which includes all of the 3.

I want for example - if only the "slow" WAN is available - i need to limit/block lots of things
On the other side, if the "fast" WAN is available - most of the traffic will be allowed.

But as it seems, i can choose "WAN" as outoging zone - so i cannot differentiate between each interface.

 

The only option for me is to use 3 separate zones, and avoid using the WAN zone? 

 

Thank you. 



This thread was automatically locked due to age.
Parents Reply
  • Hi Luk,

    First, thank you very much for the help here!

     

    I'm out of the office atm, tomorrow's morning i will share the configurations.

     

    Meanwhile:
    SD-WAN does take precedence over static/vpn.
    Traffic is able to pass from LAN --> WAN.
    If the 1st gateway is down, taffic will be routed via the 2nd gateway. 

    But i'm still struggling to find where i configure different QOS/Traffic shaping for each ISP individually.

    Hope tomorrow you will help to find an answer for that!

    Thanks again, and great night.

    Sagi.

Children