
Multiple gateways issue

Hello,

I have two different gateways as follows:

1: ISP (PPPoE)

2: Wireguard (192.168.1.10)

I have a rule that forwards specific destination FQDNs/IPs via the Wireguard gateway, with a NAT rule with translated SNAT as Wireguard (192.168.1.10).

Everything works as expected except in the following scenario:

When I create a new rule, select a specific network/device as source, and disable web policy so it doesn't go through the default firewall rule, with the NAT rule SNAT as MASQ, the traffic goes through the Wireguard interface instead of going through the ISP gateway.

I have tried everything else but can't figure out how I can fix this.

Would appreciate any help from you guys.

Thanks



  • Vivek Jagad said:

    Hey aaa kkk, thank you for reaching out to the community. Use SD-WAN and refer to the RR - Sophos Firewall: How to Choose The Gateway For A Firewall Rule.

    I have the rules as follows:

    Main firewall Rule & NAT:

    Then the rule "Wireguard" which routes select IPs/FQDNs via Wireguard interface:

    Now, I created a rule for a mobile device so that it doesn't have any web policy enforced and is supposed to go through default ISP gateway:


    Now this phone device should go through the default gateway, if I understand correctly, as it was back before v18? But it goes through the Wireguard gateway. I have tried this rule without creating a NAT rule, which should utilize the default NAT, but it doesn't. Would appreciate knowing how to achieve this.

    Here's the routing page screenshot:

    Would appreciate any help.

    Thanks
