
ROUTING TRAFFIC TO A DESTINATION VIA A SPECIFIC WAN INTERFACE [SD-WAN ROUTING]

Hi All,

Scenario:

  • XGS 136 firewall with two WAN links [Wan1 and Wan2]
  • Server/URL on the Internet that has a static IP [x.x.x.x]
  • Single LAN for the internal users

Requirement:

  • LAN users to use WAN1 for general Internet traffic 
  • LAN users to use WAN2 when the destination is x.x.x.x

Configuration:

  • Specified x.x.x.x as an IP host via Host and Services
  • Created an SD WAN Route policy stating that traffic from any incoming interface or source network with destination network as the IP host should use the Primary/Backup gateway link selection settings. 
  • Link selection setting specifies WAN2 as the primary gateway and backup gateway as none.

The above configuration does not appear to work despite this. Can anyone tell me what I might be missing?



  • Hi  ,

    I checked the routing precedence and did a packet capture. The traffic still goes out through the default firewall rule and associated NAT ID. The SD-WAN rule shows zero traffic logged against in/out, showing the rule is not in use.

    Has anyone actually done this before on the XG? It works for source-based policy routing for users, but I have not heard of destination-based policies with FQDN.

  • Please post the SD-WAN rules you have defined (check whether the SD-WAN rule shows IN/OUT traffic).

    Do a packet capture to check the traffic flow.

    "Sophos Partner: Networkkings Pvt Ltd".

    If a post solves your question please use the 'Verify Answer' button.