We have this scenario wherein we have a branch location, and the location is connected using 2 P2P links. At the HO side we have a Sophos XG330, and at the BO it's a SonicWall.
The P2P links on the XG330 are in the DMZ zone. We have created a custom gateway and have configured an SD-WAN route (refer to the screenshot). The route precedence is set to:
console> system route_precedence sh
Routing Precedence:
1. SD-WAN policy routes
2. VPN routes
3. Static routes
The issue is that we are not able to ping / reach the branch local LAN with this. The moment we add a static route, we are able to reach it.
Kindly share the details of the firewall rules created.
Later, initiate the ping from the LAN to MPLS network and collect the tcpdump on destination IP and observe whether it is being sent out via the specified port or not.
You may also try linking the NAT on the firewall rule created, and if that still does not help, raise a ticket with support to investigate it further and DM me the case ID.
Mayur Makvana
Technical Account Manager | Sophos Technical Support
Both the P2P links are in the DMZ zone. We have created the rules for LAN to DMZ and DMZ to LAN. Also, we are able to ping the BO end interface IP (172.16.16.6).
I'll try linking the NAT rule for the same, and revert to you with the tcpdump too.