Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 9 replies
  • Answers 2 answers
  • Subscribers 42 subscribers
  • Views 3676 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Problem in using 2 wan links

pablo carvali

Hi,

I'm new to Sophos V19. I have 2 wan links from different ISPs. I don't want to do any load balancing. All I want to do is to access some websites using wan1 link, and some other websites with wan2.

I was able to do this in previous versions from this path: Policy > Nat & Routing > Primary gateway

but in the current version, when both links are in Active mode, one of them (or both) never works. Even when I change weights the problem persists.

The only way to make these links work, is to put one of them in Active mode & the other one in Backup mode. However, this is not how I want to use these to links.

I want both of them to be Active, one of them for some policies (and sites) and the other one for some other policies.

How can I sovle this problem.



This thread was automatically locked due to age.
Parents
  • 0

    I think you should be able to use SD-WAN routes for this. You can make a FQDN host (group) for the site(s) you want to route to the alternative gateway and use this in your SD-WAN route as the first route. Traffic matching this will either use the primary/backup gateways configured.

    Then make a second SD-WAN route for the rest of the traffic and again select primary/backup gateways, but now switch primary and backup from the previous.

    You can also leave the backup gateway to None to not even use the second gateway when the first gateway should go down.

    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

  • 0 in reply to apijnappels

    Thanks. Sorry if my question is simple, but I wanted to know if I need a firewall rule for each SD-WAN route that I write as well?

    And also, in this senario, should I put both WAN links in Active mode with equal weights?

  • 0 in reply to pablo carvali

    Using SD-WAN routes you can decide what traffic will go to which gateway and the weights in the normal load balancer are not used for that.

    You can also only create 1 SD-WAN route for traffic that should only ever use the same gateway and leave all the rest to the load balancer.

    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

Reply
  • 0 in reply to pablo carvali

    Using SD-WAN routes you can decide what traffic will go to which gateway and the weights in the normal load balancer are not used for that.

    You can also only create 1 SD-WAN route for traffic that should only ever use the same gateway and leave all the rest to the load balancer.

    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

Children
No Data
Unfiltered HTML