Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 39 subscribers
  • Views 1041 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Deploy two sophos in different locations sharing wan network and default gateway.

Roberto Sanchez

Hi,

I am trying to deploy the following scheme.

A sophos xg at site 1 (WAN IP a.b.c.10)  and another sophos xg at site 2 (WAN IP a.b.c.11). Both share wan network (a.b.c.x) and have the same defaulf gateway (a.b.c.1).

The problem I am having in this situation is that  SophosB ip "a.b.c.11"  seems to be being published on SophosA too and is causing flapping on the CORES what is provocating network problems.

I think that I would need that each sophos xg publishes only the ips that it has defined in its interfaces, as aliases or in the NAT rules (public IP<-->internal IP).

 

Does anyone have any suggestions?
Thanks in advance.

Regards,

Roberto Sánchez.



This thread was automatically locked due to age.
  • 0

    Hi all,

    I think I figured out what is the problem. The thing is that in reality what is in each site is an active-passive HA cluster. From what I've been seeing, the virtual mac of each cluster matches hence the ARP problems.
    What I have to do is to change the mac in one of the clusters.

    I will try to see how to do it

    Regards,

    Roberto Sánchez.

Unfiltered HTML