Hello, we notice very strange behaviour of our Firewall. When connecting a Device on the network we see that we can ping devices in directly on the firewall attached devices without any issues. For the internet and networks that are connected indirectly…
Hello
We would like to set up mpls as backup for ipsec according to sophos when we establish ipsec and mpls static route the ipsec is the primary because it has the highest precedence
In our case we established ipsec and it didn't work unless we added…
Good Day.
I have two Sophos firewalls linked via LAN cable, as below
The routing rule and firewall policy are set between firewalls to Allow LAN networks to Access each other on both sites.
and everything is okay, we can access servers and clients…
Hello All,
Need help with Failover - I've a XG106 with MPLS Terminated on it and ILL. IPSec Tunnel is formed between HO and this XG106.
I want to achieve Failover of Connectivity to HO on IPSec Tunnel in event of MPLS down, using SD-WAN. Tried seaching…
I tell you that during the migration of a Fortinet FW to Sophos, we have some doubts about the routing issue.
Example:
Routing to Migrate
Destination IP/Mask 172.17.0.0/255.255.0.0
Device: VPN-Gto (This is a Site to Site tunnel, however, even putting…
Hi All, newbie in Networking. Currently, we have this network setup
We are planning to get an additional ISP exclusive for one of our departments. Is it possible to connect another modem(ISP) to our router and which configurations should I do to…
Hi everyone,
Maybe I'm doing something wrong but I can not have all my offices browse each other on MPLS connection...
First of all each office has a connection, managed externally by one ISP, with its own router and each is part of a big MPLS. On…
Hello everyone,
I have the following network map layout:
I use a dual-WAN bandwidth aggregation configuration rather than a failover one for most of the interfaces. However, I look forward to assigning my TrueNAS server (VLAN 9) to only use WAN…
Hello,
I hope somebody can give me a hint...
I got a 18.5.2 with 2 seperate WAN links and I want some clients to use link1 default, failover to the second if it is not available. I also managed that, BUT:
I couldn't find a way to tell SD WAN…
Hello everyone,
Sorry for being a noob here. I have the following network map layout:
I use a dual-WAN bandwidth aggregation configuration rather than a failover one for most of the interfaces. However, I look forward to:
Assign my TrueNAS server…
Hey All,
I was kinda wondering, I Sophos V17 you could select the NAT on the FW rule itself and that that's the route it would take
But now in V18 its separated, If you have one link can you add NAT rules on its own with no SD WAN routing would…
HI,
We have 3 ISP(ISP1, ISP2 and ISP3) connected to our firewall in our HQ. In our HQ we have at least 5 subnets. My question is can i let some subnet to utilize only ISP2 for internet, not just internet but fully utilize the link. The other link i…
Hi,
I'm attempting to get WAN failover working across sites using OSPF (default information originate). The issue is with getting the local default route disabled in case the local Internet connection drops. Can you please let me know what is the correct…
Hello Community,
I have a strange issue with two VPN Tunnels and OSPF. For this tunnels the Firewall says that the Area ID 0.49.1.0 is invalid. On some other sites the Area works. 10.10.241.85 is the local firewall, the other firewall (on the other…
Kindly help.
I configured a load balance on two ISP links for my users.
Among those users, I want some specific users to make use of just one of the ISPs only whole the rest use both.
How do i go about it in v18 because it is very easy in v17. …
HI All
Right now we implement MPLS with VPN as backup base on KB-000035833 document. Our MPLS connect with multiple site also VPN Tunnel connect to multiple tunnel to backup MPLS. As per document we need to add
system link_failover add primarylink…
Hi,
i try to configure a SD-WAN Route for a failover scenario with 18.5.2.
There is a VPN Setup for a Branchoffice with a listener/gateway IP configured. Clients are on the local subnet and communicate with the Hostingsolution over VPN.
Now the…
Hello,
I would like to change the Load Balling in my Firwall rule which has a migrated NAT rule.
In the NAT rule I cant ch age anything.
How can I chnage this?
Thank you!
I've recently taken a closer look at the SD-WAN route settings. In the Help section it states the following:
The heading in the SD-WAN section states that the default route is SD-WAN > VPN > Static
This means that I must specify the Internet IPv4…
Hello, our partner tried to implement Policy Based Routing on IPSec Tunnels. The induividual policies for the tunnels seemed to be okay but we ran into the problem that there was an issue with a Policy Route from Source Any to Destination Any where we…
Hi community,
for reasons of simplification let´s assume that our XG450 ( SFOS 18.5.2 MR-2-Build380) has 4 ports configured:
Port 1 - Zone WAN - IP 1.1.1.2/24 Gateway is 1.1.1.1 Additional Alias: 1.1.1.3/32
Port 2 - Zone DMZ1 - IP 2.2.2.1/24 used…
Hello,
I have a sophos XG in beta v19, I wanted to test the SD-WAN routes but I can't get it to work. I have three WAN accesses and for my sdwan route test I just created a rule that routes all nperf (fqdn) traffic to a specific wan. My rule is not…
hi all, under "routing > SD-WAN policy routing > add" incoming interface - you can only select one interface from the drop down menu but under "rules and policies > NAT rules > new nat rule" you can select multiple "inbound interfaces" just wondered why…
Hi,
I have a scenario, where my ISP gives us 02 interfaces being primary (WAN1) and secondary (wan2).
Above these WANs it routes some ips to them, so in case the primary fails, the secondary continues to serve these ips.
That way, I can put a certain…
Hey guys!
Can you help me with a configuration?
I need to migrate the configuration of my VPNs with AWS and I needed to use BGP for that.
Is it too complicated to make this configuration? What is the best scenario for the setup to run smoothly?…