hi all,
how do i change the route precendence from
Static route, SD-WAN route, VPN route.
to
Static route, VPN route, SD-WAN.
so the SD-WAN is the last
when i change, the firewall doesnt require a reboot does it?
thanks,
rob
I am very confused why this isn't working on the Sophos XG but is working if I make a static route on a Windows 10 PC. The below is what I'm trying to accomplish and what the IP and subnets are that are involved. Any assistance in how to accomplish this…
Hi,
When creating and SD-WAN connection group in central, we get to configuring interfaces and have the option of choosing either "SD-WAN profile" or "Primary and Backup gateways".
What is the actual difference here? It's not explained anywhere…
hi all,
want to make WIFI traffic go out a new WAN interface, i think im going to do it like this, what you think
network > interfaces network zone WAN, add ipv4 details and give it a gateway ip rules and policies > nat rules "default SNAT IPv4" change…
I have created an SDWAN routing to route a particular internal network via ISP 2. The problem is even traffic destined to DMZ zone in the same firewall is being routed via this SDWAN policy towards ISP 2 interface.
How can internet from an internal…
Hi
we have two new XGS2100s in HA that have replaced an XG230
On the older XG230 under OS 18.0.5 we had problems with printing from a web server externally to our internal Star CloudPRNT enabled devices (over TCP443).
They are very sporadic and…
Hello
I've got a strange behaviour when upgrading to SFOS 19.5.1 MR-1-Build278 from 19.0.2 MR-2-Build472. (XGS107)
Both of my static routes are not available after upgrade and can't be reestablished.
In Version tree 19.0.x everything is fine,…
So here is the deal - I have an entire network of devices (switches, APs, computers, laptops, servers, printers, IoTs) that was all built on a /16 subnet using public IP space and it is all just using default VLAN/VLAN 1.
176.100.x.x/16. It is slow…
Hi,
I have the the following setup:
Office FW (10.1.0.0/24) <==Policy based ipsec==> DC FW (LAN: 10.2.0.0/24; SSL-VPN: 10.3.0.0/24) <==Route based ipsec==> Partner FW (172.20.32.0/24)
I try to announce the routes for the office (10.1.0.0/24),…
Hie Guys, so im try to configure failover using ospf and a static route that uses a different link . so ospf works fine, when the destination network is not reachable the route is removed etc. but when i configure the static route with an administrative…
Hi.
I use a XG with 19.5.1 MR-1-Build278 Firmware.I have a strange behavior. Today, we can't ping our servers located at a "site to site vpn" branch office.
By now, all I can tell is, that the specific static route gets ignored. I see it on the web…
Hi!
I have created an SD-WAN policy so that the devices of a VLAN go out to the Internet through a specific WAN line. It works.
However, the devices of said vlan can no longer access to a device of another vlan when before the sd-wan rule they could…
Hello, hope all of you are ok.
I need help with something. I have 2 sophos, XG310 and XG210, on firmware 19.5.0. Both are in a buildings complex and share a LAN segment. One has GW 10.10.10.1, now Sophos 1 and the other one has GW 10.10.10.2 now Sophos…
Hi Team,
We encountered a problem wherein customer needs the following:
1. Head Office will route their internet connection to Branch Office once they experience no internet on the site.
2. Vice versa, Branch office should route their internet connection…
Hello Community,
We want to create a SD-WAN Route for WAN traffic and Internal Traffic to Data-Center.
Currently we have Branch location connected to Data-Center on IPSec Tunnel created with xfrm interface and BGP for failover. Now few of our key…
Hi all,
currently i am struggeling with the concept for a customer with more then 20 sites/branch offices.
Current setup is with RED-Devices, but the performance and stability is really bad, so we are thinking about using firewalls instead of red…
Hello,
i have issue with v19.5 , i have server in DMZ zone there's a connection between the server the other in other subnet and i made a rule for this, and working fine, and there's rule LAN TO WAN for this server , the problem is when i create SD…
Good day Team
l have just deployed a firewall XGS 2300
The network has 5 branches which are connected using GRE Tunnels. The communication from branches to HQ is working fine. We have a problem with the communication from one branch office to another…
I need to route a single host through a WAN that is not the default wan.
In the previous firmware version I just had to create a firewall rule and specify the gateway, but now...I'm lost.
I've followed this article Sophos Firewall v19: How to Choose…
Hi Guys, This is our network setup. We have couple of websites and Microsoft Direct Access server sitting on our LAN to access resources from outside .
Currently we have PFSence box and all working without any issue.
With Sophos no luck. I appreciate…
Since upgrading the firmware version, a couple of devices have been blocked from sending traffic between the subnet 192.168.1.0 and 192.168.2.0.
I have set up rules to allow traffic to and from the devices but still unable to ping.
the device in…
Hi There,
i started today with the XG on virtual environment (ESXi7).
I set up a statc route for external additional Network using by a health service.
I add an rule who allows to forward the traffic to this specific network via an internal router…
Hi, We have 2 Wan Ports with load balancing.
We would like for specific websites to go through port WAN2 but all other traffic (other websites) to use the load balancing ratio we have set up.
Sophos XG 135 V19.
I'm having issues getting a static route or SD-WAN route to work on my XGS 116 (19.5 MR1 firmware). I am in the process of replacing aging SonicWall devices with Sophos and it's mostly going ok, except for this issue. The network layout is fairly simple…
Apologies for my poor understanding on routers and English language.
XG210 19.0.0 GA-Build317
We have 3 public IP address ranges from 3 ISPs assigned to 3 WAN ports.
Is it possible to reach our ISP-1's IP address range via ISP-2, ISP-3 WAN when…