Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 3 replies
  • Answers 1 answer
  • Subscribers 39 subscribers
  • Views 2406 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

XG High Availability with PPPoE

Marco Camacho2

We have a setup with 2 x XG230 configured with HA active / passive with PPPoE on PortA2.
Primary Sophos PortA2 connects to ISP Primary router and Aux Sophos PortA2 connects to ISP Aux Router.
Port A2 is set as monitored interface.
ISP Primary router has 3 redundant links (PL1,PL2 and PL3) and ISP Aux router has 2 (AL1 and AL2) running OSPF.
So we the ISP have fail over covered.
The problem is if PL1,PL2 and PL3 die for what ever reason, the primary Sophos PPPoE stays connected and failover doesn't occur.
The only way fail over to Aux sophos if the ISP primary router looses power, then Sophos detects port down and fail over occurs with the PPPoE connecting on ISP Aux Router.
P.S There is no WAN link manager as there is only 1 WAN.
I need a solution if indeed the 3 links fail the HA kicks in.
This is a client that is a broadcast house and needs connectivity 24x7x365.



This thread was automatically locked due to age.
Parents
  • 0

    Hi   Thank you for reaching out to the Sophos community team. Here based on provided information and setup, I can think below possibility as of now.

    On ISP Primary Router, when all  3 links fail at that time if you may trigger a Port shutdown event in an automated way with available configuration options on the router, for the router port/Interface which connected to PPPoE PortA2 on Primary Sophos then Primary Sophos will trigger HA failover ( As Port A2 is set as the monitored interface and down event of same will trigger HA failover from Primary to Aux).

    Regards,

    Vishal Ranpariya
    Technical Account Manager | Sophos Technical Support
    Sophos Support Videos | Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts |
    If a post solves your question use the 'Verify Answer' link.

  • 0 in reply to Vishal_R

    That's an idea. I can script it on the mikrotik. Is it normal for the sophos to reboot on port down detection?

Reply Children
Unfiltered HTML