This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

RED of two Virtual XG's: How to route traffic through Main-Side??

Hello,

I have two virtual sophos XG appliances connected through RED.

This works pretty well, and currently they are acting (per default) in Standard/Split configuration.

However, since security measurements become more and more important, we want to route the whole traffic of the Client Site through the Server Site, as in the picture below. Somehow I can't get that to work. https://9apps.ooo/

I double checked, and there seems to be no way to select operation modes of the RED tunnel when not using a physical RED device. 



This thread was automatically locked due to age.
Parents
  • FormerMember
    0 FormerMember

    Hi Mason, You can't select the configuration mode with RED Site to Site tunnel in between two XG firewalls.

    If you want to route all the traffic from one location to the other loation, You can add a default static route pointing towards the other end of RED tunnel's IP and select the Same RED Site to Site interface.

    After this, you can set the static route to the highest priority by running this command in the device console

    (Option 4) --> system route_precedence set static sdwan_policyroute vpn.

    Attaching snapshots here for your reference



Reply
  • FormerMember
    0 FormerMember

    Hi Mason, You can't select the configuration mode with RED Site to Site tunnel in between two XG firewalls.

    If you want to route all the traffic from one location to the other loation, You can add a default static route pointing towards the other end of RED tunnel's IP and select the Same RED Site to Site interface.

    After this, you can set the static route to the highest priority by running this command in the device console

    (Option 4) --> system route_precedence set static sdwan_policyroute vpn.

    Attaching snapshots here for your reference



Children
No Data