I have Android boxes for IPTV streaming. I can see it uses SSL Traffic over non-SSL ports, as those are the main application type that consumes a ton of data from the boxes. I have 2 WAN links, WAN1 and WAN2. WAN2 is set as BACKUP, and to activate if any link is DOWN.
I created SD-WAN routes. Please see my rule below. Yet, the Android boxes still use WAN2 when WAN1 is down.
Apart from this, is there anything else that needs to be done? Any firewall rules needed?
Hello jang430,
Thank you for reaching out to the community. This looks fine. Additionally, you can also refer to a recommended read: https://community.sophos.com/sophos-xg-firewall/f/recommended-reads/136192/sophos-firewall-v19-how-to-choose-the-gateway-for-a-firewall-rule
Thanks & Regards,
Vivek Jagad | Technical Account Manager 3 | Cyber Security Evolved
Hello Vivek Jagad
I read the above article, and it says how to configure SD-WAN Profile and SD-WAN routes. But I only want the traffic to pass through just a single WAN link. By selecting only 1 WAN connection in SD-WAN Profile, the profile name has a red dot instead of green.
Still no solution to have that type of application pass through just a single WAN link.
Hey jang430,
In that scenario you do need to create any SD-WAN profile, just follow the "1.) Traditional Settings For Primary and Backup Gateway:" Link selection settings > Primary and backup gateways!!
Yes, I chose Primary and Backup, and only selected Primary, without Backup. I also ticked the Route only through specified gateways. Still traffic passes through to Backup.
Did you ensure the SD-WAN rule is on the top? If not, you can simply drag the rule to the top!!
And also ensure what is the route precedence under the routing > SD-WAN routes!!
Ok, this I have to check. Will revert back.
Edit: I only have 1 SD-WAN Rule.
Do I need to create a Firewall rule?
If you follow the first 6 steps mentioned in "1.) Traditional Settings For Primary and Backup Gateway:" then it will be sufficient to achieve the goal!!
Thanks, will revisit and check.