I have Port 2 and Port 4 configured as WAN, both active with a weighting of 1.
Both are connected to Comcast but are separate internet connections: one is from my house, one from next door.
It appears from speed testing that both are passing download traffic; for upload, it looks like only one is passing traffic.
If I do a Tracert -d 18.104.22.168 it always goes through the feed at my house; the other house would show a gateway of 192.168.4.1 in the trace.
With the primary disabled the secondary will pass traffic.
Is this normal?
Hi Peter, you should keep one of the link failover rules active, just modify it as necessary. It's the way the firewall ensures the links are up and healthy; otherwise it will mark them as inactive.
Hi Peter Gilvarry,
When adding a new WAN link, it is active by default and so the default action is to load balance using a weighted round-robin algorithm. If you set both as 1 then it's weighted equally.
A reason it could be defaulting to your home WAN link could be due to link failover. When you add a gateway, Sophos Firewall adds a default failover rule: If Sophos Firewall can't ping the recently added gateway IP address, the gateway is considered down and traffic is redirected to other active gateway.
Source: Configure gateway load balancing and failover
Sorry, that seems to have messed something up, the "Status" button in WAN Link Manager is now red for both gateways, however it is still passing traffic.
I am trying to link aggregate the 2 ISP inputs to increase bandwidth.
Both are set to ACTIVE and rules are not checked.
I was using a Ubiquiti device before to aggregate the 2 feeds, trying to do away with that.
You can also check dgd.log for the status of your gateways; it might give you a clue as to why your home link is always defaulting as the only active link.